Jump to content


Photo
- - - - -

Redirects and url:mal avast reports

Started by tarumbl, Apr 04 2012 10:39 PM

  • This topic is locked This topic is locked
11 replies to this topic

#1 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 04 April 2012 - 10:39 PM

Hi, about 6 days ago my computer shut down by itself while I was still using it. Once I turned it back on everything was gone, all that remained was a S.M.A.R.T. HDD (I think it was HDD) icon on the desktop and in the start menu. I ran a system restore and it did nothing the first time, so I ran it again with an older restore point helped. I got all my icons back and only had to "unhide" some of them which I was able to do. My current problem is the current effects of this infection. I continuously get avast telling me there is an url:mal infection and that it successfully stopped it from doing anything. I also get redirected everytime I press a link on google and my computer just seems to be running slower overall. Sorry for rambling but I wasn't sure what was relevant and what wasn't.

Here are the logs from DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Alex at 16:45:21 on 2012-04-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3956.2123 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\ToolKitService\ToolkitService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_7741&r=27360710i716l04e8z1j5t4511o21q
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_7741&r=27360710i716l04e8z1j5t4511o21q
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_7741&r=27360710i716l04e8z1j5t4511o21q
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: ToolKit IE Helper: {70ea269e-56df-49c2-86b2-1a1924ed88b4} - C:\Program Files (x86)\ToolKitService\splash.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: eToolKit Toolbar: {d3b22a92-87a2-47b6-b3e6-a64877b5c242} - C:\Program Files (x86)\ToolKitService\toolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [<NO NAME>]
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
dRun: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
TCP: DhcpNameServer = 10.149.0.21 10.149.0.20
TCP: Interfaces\{D6BF0B94-8941-4213-B997-2D88409D9809} : DhcpNameServer = 10.149.0.21 10.149.0.20
TCP: Interfaces\{D6BF0B94-8941-4213-B997-2D88409D9809}\241696E602E4564777F627B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D6BF0B94-8941-4213-B997-2D88409D9809}\84453402E6564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D6BF0B94-8941-4213-B997-2D88409D9809}\C696E6B6379737 : DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: ToolKit IE Helper: {70EA269E-56DF-49C2-86B2-1A1924ED88B4} - C:\Program Files (x86)\ToolKitService\splash.dll
BHO-X64: ToolKit IE Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: eToolKit Toolbar: {D3B22A92-87A2-47b6-B3E6-A64877B5C242} - C:\Program Files (x86)\ToolKitService\toolbar.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [(Default)]
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-4-1 44768]
R2 avast! Firewall;avast! Firewall;C:\Program Files\Alwil Software\Avast5\afwServ.exe [2012-4-1 134920]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-18 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-5-18 865824]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-27 13336]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-1 305520]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
R2 ToolkitSvc;Toolkit Service;C:\Program Files (x86)\ToolKitService\toolkitservice.exe [2011-12-20 687168]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-3-27 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-3-27 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 DKRtWrt;DKRtWrt;C:\Windows\system32\DRIVERS\DKRtWrt.sys --> C:\Windows\system32\DRIVERS\DKRtWrt.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-5 136176]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-29 652360]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-5 136176]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
S3 ToolkitDisk;ToolkitDisk;\??\C:\Windows\system32\Drivers\toolkitdisk.sys --> C:\Windows\system32\Drivers\toolkitdisk.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-04-03 14:24:19 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C068070-F3AB-42B2-81E8-207094352C28}\mpengine.dll
2012-04-01 17:23:59 141144 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2012-04-01 17:23:37 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-04-01 17:23:37 28504 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-04-01 17:23:37 258904 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2012-03-31 07:19:03 -------- d-----w- C:\Users\Alex\AppData\Local\IsolatedStorage
2012-03-31 07:19:03 -------- d-----w- C:\ProgramData\XHEO INC
2012-03-31 07:18:51 -------- d-----w- C:\Users\Alex\AppData\Roaming\HoldemManager
2012-03-31 07:18:25 -------- d-----w- C:\Program Files (x86)\Holdem Manager 2
2012-03-31 07:18:10 -------- d-----w- C:\Program Files (x86)\PSQLINSTALL
2012-03-31 05:26:55 -------- d-----w- C:\ProgramData\boost_interprocess
2012-03-30 00:36:15 -------- d-----w- C:\Program Files\Oracle
2012-03-30 00:34:41 750488 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-03-29 23:53:18 -------- d-----w- C:\Users\Alex\AppData\Local\Secunia PSI
2012-03-29 22:13:59 -------- d-----w- C:\Program Files (x86)\Secunia
2012-03-29 21:27:50 -------- d-----w- C:\Program Files (x86)\ESET
2012-03-29 21:20:53 -------- d-----w- C:\Users\Alex\AppData\Roaming\Malwarebytes
2012-03-29 21:20:37 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-29 21:20:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-28 22:47:16 -------- d-----w- C:\Users\Alex\AppData\Roaming\Kaspersky Lab
2012-03-28 22:41:34 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-03-14 18:40:59 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 18:40:58 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 18:40:58 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-14 18:40:49 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-14 18:40:49 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-14 18:40:49 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-14 18:40:48 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-14 18:40:48 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-14 18:40:48 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 18:40:48 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-08 20:57:50 -------- d-----w- C:\Program Files\iPod
2012-03-08 20:57:49 -------- d-----w- C:\Program Files\iTunes
2012-03-08 20:57:49 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-08 20:54:58 -------- d-----w- C:\Program Files\Bonjour
.
==================== Find3M ====================
.
2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-02-23 13:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-15 16:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 16:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-01-10 17:28:14 660368 ----a-w- C:\Windows\System32\deployJava1.dll
.
============= FINISH: 16:54:26.48 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 20/07/2010 8:48:41 AM
System Uptime: 04/04/2012 11:50:04 AM (5 hours ago)
.
Motherboard: Acer | | Aspire 7741
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz | CPU 1 | 1314/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 165.277 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP406: 04/04/2012 1:03:41 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Backup Manager
Acer Crystal Eye webcam Ver:1.1.158.203
Acer ePower Management
Acer eRecovery Management
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color Video Profiles AE CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Dreamweaver CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fonts All
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe MotionPicture Color Files CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Reader 9.5.0 MUI
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AdobeColorCommonSetRGB
Alcor Micro USB Card Reader
Apple Application Support
Apple Software Update
avast! Internet Security
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Backup Manager Basic
BufferChm
Camtasia Studio 7
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Compatibility Pack for the 2007 Office system
Connect
Counter-Strike
Counter-Strike: Condition Zero
Counter-Strike: Source
D1600
DeviceDiscovery
DJ_SF_06_D1600_SW_Min
ESET Online Scanner v3
eToolKit
Fraps (remove only)
Google Update Helper
GPBaseService2
Heroes™ II Gold
Holdem Manager 2
HP Deskjet 1000 J110 series Help
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
Identity Card
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Junk Mail filter update
kuler
Launch Manager
Macromedia Dreamweaver MX
Macromedia Extension Manager
Macromedia Fireworks MX
Macromedia Flash MX
Macromedia FreeHand MX
Magic ISO Maker v5.4 (build 0239)
Malwarebytes Anti-Malware version 1.60.1.1000
MarketResearch
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSVC80_x86
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyWinLocker
MyWinLocker Suite
PC Connectivity Solution
Photodex Presenter
Photoshop Camera Raw
Pixel Bender Toolkit
PokerStars
PokerStove version 1.24
PowerISO
ProShow Gold
QuickTime
Realtek High Definition Audio Driver
Samsung PC Studio 7
SamsungConnectivityCableDriver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Shredder
SmartWebPrinting
SolutionCenter
Status
Steam
Suite Shared Configuration CS4
Toolbox
Total Video Converter 3.11 070908
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Vegas Pro 10.0
Ventrilo Client
VLC media player 2.0.1
WebM Media Foundation Components
WebReg
Welcome Center
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
Worms Reloaded
.
==== Event Viewer Messages From Past Week ========
.
04/04/2012 7:07:15 AM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
04/04/2012 7:07:15 AM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
04/04/2012 7:05:06 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
04/04/2012 7:04:39 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
04/04/2012 7:04:16 AM, Error: sptd [4] - Driver detected an internal error in its data structures for .
04/04/2012 3:49:38 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.207.244 did not allow the name to be claimed by this computer.
04/04/2012 3:25:21 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.242.213 did not allow the name to be claimed by this computer.
04/04/2012 2:49:03 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.218.215 did not allow the name to be claimed by this computer.
04/04/2012 2:39:42 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MARSALAMAZING that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D6BF0B94-8941-4213-B997-2D88409D9809}. The master browser is stopping or an election is being forced.
04/04/2012 2:34:19 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
04/04/2012 2:03:21 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.244.136 did not allow the name to be claimed by this computer.
04/04/2012 12:29:11 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
04/04/2012 11:40:52 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.115.76 did not allow the name to be claimed by this computer.
04/04/2012 11:35:37 AM, Error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 3 time(s).
04/04/2012 11:35:37 AM, Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).
04/04/2012 11:35:37 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 3 time(s).
04/04/2012 11:34:44 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.
04/04/2012 11:30:55 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.124.108 did not allow the name to be claimed by this computer.
04/04/2012 11:29:44 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 2 time(s).
04/04/2012 11:29:44 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
04/04/2012 11:29:44 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
04/04/2012 11:29:44 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
04/04/2012 11:13:48 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
04/04/2012 11:13:48 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
04/04/2012 11:13:48 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
04/04/2012 11:13:48 AM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
04/04/2012 1:49:59 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.143.203 did not allow the name to be claimed by this computer.
04/04/2012 1:30:53 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.170.209 did not allow the name to be claimed by this computer.
04/04/2012 1:30:22 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.170.226 did not allow the name to be claimed by this computer.
04/04/2012 1:26:08 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.13.94 did not allow the name to be claimed by this computer.
04/04/2012 1:12:46 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.17.60 did not allow the name to be claimed by this computer.
04/04/2012 1:04:03 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.6.228.144. The computer with the IP address 10.6.33.31 did not allow the name to be claimed by this computer.
02/04/2012 8:48:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
.
==== End Of File ===========================


I apologize if I posted anything unnecessary, I tried following the guidelines. Any help is greatly appreciated :D:D

#2 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 17,441 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 05 April 2012 - 07:27 AM

Hello tarumbl and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image

  • Click the Start Scan button.

    Posted Image

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.


In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

#3 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 05 April 2012 - 11:55 AM

Thank you Maniac! Here are the logs I was just wondering if I was supposed to disable my antivirus (Avast) because when I chose to cure the Malware that TDSS found Avast poped up and said that it was stopping Malware from infecting my computer but the file name was the tdsskiller.exe. I was a little bit confused as to whether or not TDSSkiller still worked. Thanks for the help!

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.02.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alex :: ALEX-PC [administrator]
Protection: Disabled
05/04/2012 11:50:55 AM
mbam-log-2012-04-05 (11-50-55).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240025
Time elapsed: 8 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

11:34:16.0587 27536 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
11:34:18.0589 27536 ============================================================
11:34:18.0589 27536 Current date / time: 2012/04/05 11:34:18.0589
11:34:18.0589 27536 SystemInfo:
11:34:18.0589 27536
11:34:18.0589 27536 OS Version: 6.1.7601 ServicePack: 1.0
11:34:18.0590 27536 Product type: Workstation
11:34:18.0590 27536 ComputerName: ALEX-PC
11:34:18.0590 27536 UserName: Alex
11:34:18.0590 27536 Windows directory: C:\Windows
11:34:18.0590 27536 System windows directory: C:\Windows
11:34:18.0590 27536 Running under WOW64
11:34:18.0590 27536 Processor architecture: Intel x64
11:34:18.0590 27536 Number of processors: 4
11:34:18.0590 27536 Page size: 0x1000
11:34:18.0590 27536 Boot type: Normal boot
11:34:18.0590 27536 ============================================================
11:34:19.0131 27536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:19.0138 27536 \Device\Harddisk0\DR0:
11:34:19.0138 27536 MBR used
11:34:19.0139 27536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
11:34:19.0139 27536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x48EC12B0
11:34:19.0172 27536 Initialize success
11:34:19.0172 27536 ============================================================
11:34:46.0463 24688 ============================================================
11:34:46.0463 24688 Scan started
11:34:46.0463 24688 Mode: Manual; SigCheck; TDLFS;
11:34:46.0463 24688 ============================================================
11:34:47.0215 24688 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:34:47.0378 24688 1394ohci - ok
11:34:47.0497 24688 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:34:47.0532 24688 ACPI - ok
11:34:47.0648 24688 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:34:47.0705 24688 AcpiPmi - ok
11:34:47.0845 24688 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:47.0872 24688 AdobeFlashPlayerUpdateSvc - ok
11:34:48.0002 24688 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:48.0044 24688 adp94xx - ok
11:34:48.0167 24688 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:34:48.0202 24688 adpahci - ok
11:34:48.0333 24688 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:34:48.0363 24688 adpu320 - ok
11:34:48.0444 24688 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:34:48.0546 24688 AeLookupSvc - ok
11:34:48.0677 24688 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:34:48.0749 24688 AFD - ok
11:34:48.0862 24688 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:34:48.0887 24688 agp440 - ok
11:34:48.0935 24688 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:34:48.0986 24688 ALG - ok
11:34:49.0123 24688 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:34:49.0146 24688 aliide - ok
11:34:49.0202 24688 AMD External Events Utility (3d90cf67db75823a8480e56bbcd2e028) C:\Windows\system32\atiesrxx.exe
11:34:49.0264 24688 AMD External Events Utility - ok
11:34:49.0386 24688 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:34:49.0409 24688 amdide - ok
11:34:49.0461 24688 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:34:49.0507 24688 AmdK8 - ok
11:34:49.0768 24688 amdkmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys
11:34:50.0117 24688 amdkmdag - ok
11:34:50.0218 24688 amdkmdap (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys
11:34:50.0279 24688 amdkmdap - ok
11:34:50.0376 24688 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:34:50.0429 24688 AmdPPM - ok
11:34:50.0539 24688 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
11:34:50.0566 24688 amdsata - ok
11:34:50.0598 24688 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:50.0628 24688 amdsbs - ok
11:34:50.0668 24688 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
11:34:50.0691 24688 amdxata - ok
11:34:50.0787 24688 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
11:34:50.0831 24688 AmUStor - ok
11:34:50.0948 24688 ApfiltrService (fab590e0fc28cb474b965f8267458e14) C:\Windows\system32\DRIVERS\Apfiltr.sys
11:34:51.0003 24688 ApfiltrService - ok
11:34:51.0118 24688 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:34:51.0233 24688 AppID - ok
11:34:51.0335 24688 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:34:51.0438 24688 AppIDSvc - ok
11:34:51.0542 24688 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:34:51.0654 24688 Appinfo - ok
11:34:51.0798 24688 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:34:51.0819 24688 Apple Mobile Device - ok
11:34:51.0920 24688 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:34:51.0947 24688 arc - ok
11:34:51.0973 24688 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:34:51.0999 24688 arcsas - ok
11:34:52.0145 24688 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:34:52.0187 24688 aspnet_state - ok
11:34:52.0270 24688 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
11:34:52.0290 24688 aswFsBlk - ok
11:34:52.0427 24688 aswFW (ffe56ac75a257141561daf42c3f7d16b) C:\Windows\system32\drivers\aswFW.sys
11:34:52.0451 24688 aswFW - ok
11:34:52.0590 24688 aswKbd (316271cc32fdfffcdb30677684906d5e) C:\Windows\system32\drivers\aswKbd.sys
11:34:52.0610 24688 aswKbd - ok
11:34:52.0757 24688 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
11:34:52.0777 24688 aswMonFlt - ok
11:34:52.0906 24688 aswNdis (518b8d447a1975ab46da093a2e743256) C:\Windows\system32\DRIVERS\aswNdis.sys
11:34:52.0924 24688 aswNdis - ok
11:34:53.0058 24688 aswNdis2 (36dbcb80e0af1dc228f495faf00a4bc8) C:\Windows\system32\drivers\aswNdis2.sys
11:34:53.0085 24688 aswNdis2 - ok
11:34:53.0213 24688 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
11:34:53.0233 24688 aswRdr - ok
11:34:53.0408 24688 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
11:34:53.0460 24688 aswSnx - ok
11:34:53.0531 24688 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
11:34:53.0563 24688 aswSP - ok
11:34:53.0672 24688 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
11:34:53.0693 24688 aswTdi - ok
11:34:53.0797 24688 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:53.0900 24688 AsyncMac - ok
11:34:54.0059 24688 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:34:54.0081 24688 atapi - ok
11:34:54.0247 24688 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys
11:34:54.0378 24688 athr - ok
11:34:54.0480 24688 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
11:34:54.0503 24688 AtiHdmiService - ok
11:34:54.0601 24688 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:34:54.0737 24688 AudioEndpointBuilder - ok
11:34:54.0753 24688 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:34:54.0850 24688 AudioSrv - ok
11:34:54.0944 24688 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:34:54.0964 24688 avast! Antivirus - ok
11:34:55.0018 24688 avast! Firewall (7d465549dfb0eca6601e9609c72cd20a) C:\Program Files\Alwil Software\Avast5\afwServ.exe
11:34:55.0040 24688 avast! Firewall - ok
11:34:55.0160 24688 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:34:55.0204 24688 AxInstSV - ok
11:34:55.0283 24688 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:55.0333 24688 b06bdrv - ok
11:34:55.0441 24688 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:55.0505 24688 b57nd60a - ok
11:34:55.0637 24688 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:34:55.0742 24688 BCM43XX - ok
11:34:55.0841 24688 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:34:55.0889 24688 BDESVC - ok
11:34:55.0978 24688 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:34:56.0075 24688 Beep - ok
11:34:56.0199 24688 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:34:56.0312 24688 BFE - ok
11:34:56.0357 24688 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
11:34:56.0521 24688 BITS - ok
11:34:56.0626 24688 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:56.0675 24688 blbdrive - ok
11:34:56.0787 24688 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:34:56.0822 24688 Bonjour Service - ok
11:34:56.0924 24688 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:34:56.0966 24688 bowser - ok
11:34:57.0067 24688 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:57.0120 24688 BrFiltLo - ok
11:34:57.0212 24688 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:57.0268 24688 BrFiltUp - ok
11:34:57.0387 24688 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:34:57.0489 24688 Browser - ok
11:34:57.0550 24688 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:34:57.0607 24688 Brserid - ok
11:34:57.0716 24688 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:57.0775 24688 BrSerWdm - ok
11:34:57.0871 24688 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:57.0924 24688 BrUsbMdm - ok
11:34:58.0028 24688 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:34:58.0077 24688 BrUsbSer - ok
11:34:58.0203 24688 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:58.0258 24688 BTHMODEM - ok
11:34:58.0356 24688 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:34:58.0461 24688 bthserv - ok
11:34:58.0564 24688 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:34:58.0648 24688 cdfs - ok
11:34:58.0772 24688 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:34:58.0807 24688 cdrom - ok
11:34:58.0885 24688 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:34:58.0980 24688 CertPropSvc - ok
11:34:59.0073 24688 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:34:59.0126 24688 circlass - ok
11:34:59.0229 24688 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:34:59.0262 24688 CLFS - ok
11:34:59.0345 24688 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:59.0367 24688 clr_optimization_v2.0.50727_32 - ok
11:34:59.0425 24688 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:59.0448 24688 clr_optimization_v2.0.50727_64 - ok
11:34:59.0605 24688 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:59.0654 24688 clr_optimization_v4.0.30319_32 - ok
11:34:59.0704 24688 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:59.0740 24688 clr_optimization_v4.0.30319_64 - ok
11:34:59.0814 24688 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:59.0860 24688 CmBatt - ok
11:34:59.0956 24688 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:34:59.0979 24688 cmdide - ok
11:35:00.0041 24688 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:35:00.0090 24688 CNG - ok
11:35:00.0204 24688 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:35:00.0227 24688 Compbatt - ok
11:35:00.0335 24688 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:35:00.0522 24688 CompositeBus - ok
11:35:00.0594 24688 COMSysApp - ok
11:35:00.0640 24688 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:35:00.0664 24688 crcdisk - ok
11:35:00.0781 24688 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
11:35:00.0936 24688 CryptSvc - ok
11:35:01.0072 24688 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:35:01.0208 24688 DcomLaunch - ok
11:35:01.0249 24688 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:35:01.0357 24688 defragsvc - ok
11:35:01.0438 24688 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:35:01.0535 24688 DfsC - ok
11:35:01.0653 24688 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:35:01.0744 24688 Dhcp - ok
11:35:01.0796 24688 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:35:01.0896 24688 discache - ok
11:35:02.0046 24688 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:35:02.0070 24688 Disk - ok
11:35:02.0245 24688 Diskeeper (e50664f505d80fc2bed3186807609c22) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
11:35:02.0366 24688 Diskeeper - ok
11:35:02.0481 24688 DKRtWrt (20c394c80113d77406df8f1adc720b01) C:\Windows\system32\DRIVERS\DKRtWrt.sys
11:35:02.0498 24688 DKRtWrt - ok
11:35:02.0536 24688 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:35:02.0571 24688 Dnscache - ok
11:35:02.0617 24688 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:35:02.0725 24688 dot3svc - ok
11:35:02.0830 24688 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
11:35:02.0891 24688 Dot4 - ok
11:35:03.0004 24688 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
11:35:03.0057 24688 Dot4Print - ok
11:35:03.0085 24688 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
11:35:03.0133 24688 dot4usb - ok
11:35:03.0179 24688 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:35:03.0265 24688 DPS - ok
11:35:03.0325 24688 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:35:03.0381 24688 drmkaud - ok
11:35:03.0446 24688 DsiWMIService (55f6f3e0df82e0113082852347bf2c16) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:35:03.0474 24688 DsiWMIService - ok
11:35:03.0585 24688 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:35:03.0663 24688 DXGKrnl - ok
11:35:03.0769 24688 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:35:03.0869 24688 EapHost - ok
11:35:03.0988 24688 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:35:04.0152 24688 ebdrv - ok
11:35:04.0250 24688 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:35:04.0297 24688 EFS - ok
11:35:04.0404 24688 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:35:04.0474 24688 ehRecvr - ok
11:35:04.0504 24688 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:35:04.0552 24688 ehSched - ok
11:35:04.0654 24688 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:35:04.0696 24688 elxstor - ok
11:35:04.0849 24688 ePowerSvc (49eef52bfb986a2b5d70f4ec12637d7b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:35:04.0907 24688 ePowerSvc - ok
11:35:04.0992 24688 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:35:05.0035 24688 ErrDev - ok
11:35:05.0124 24688 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:35:05.0233 24688 EventSystem - ok
11:35:05.0291 24688 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:35:05.0391 24688 exfat - ok
11:35:05.0482 24688 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:35:05.0583 24688 fastfat - ok
11:35:05.0701 24688 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:35:05.0754 24688 Fax - ok
11:35:05.0796 24688 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:35:05.0856 24688 fdc - ok
11:35:05.0929 24688 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:35:06.0026 24688 fdPHost - ok
11:35:06.0051 24688 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:35:06.0149 24688 FDResPub - ok
11:35:06.0215 24688 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:35:06.0237 24688 FileInfo - ok
11:35:06.0343 24688 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:35:06.0456 24688 Filetrace - ok
11:35:06.0540 24688 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:35:06.0582 24688 FLEXnet Licensing Service - ok
11:35:06.0665 24688 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:35:06.0711 24688 flpydisk - ok
11:35:06.0811 24688 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:35:06.0843 24688 FltMgr - ok
11:35:06.0916 24688 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
11:35:07.0067 24688 FontCache - ok
11:35:07.0184 24688 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:35:07.0204 24688 FontCache3.0.0.0 - ok
11:35:07.0264 24688 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:35:07.0288 24688 FsDepends - ok
11:35:07.0329 24688 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:35:07.0352 24688 Fs_Rec - ok
11:35:07.0483 24688 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:35:07.0519 24688 fvevol - ok
11:35:07.0565 24688 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:35:07.0590 24688 gagp30kx - ok
11:35:07.0636 24688 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:35:07.0654 24688 GEARAspiWDM - ok
11:35:07.0712 24688 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:35:07.0850 24688 gpsvc - ok
11:35:07.0962 24688 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
11:35:08.0014 24688 Greg_Service - ok
11:35:08.0155 24688 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:35:08.0176 24688 gupdate - ok
11:35:08.0188 24688 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:35:08.0208 24688 gupdatem - ok
11:35:08.0285 24688 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:35:08.0326 24688 hcw85cir - ok
11:35:08.0442 24688 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:35:08.0499 24688 HdAudAddService - ok
11:35:08.0584 24688 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:35:08.0637 24688 HDAudBus - ok
11:35:08.0734 24688 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
11:35:08.0754 24688 HECIx64 - ok
11:35:08.0786 24688 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:35:08.0837 24688 HidBatt - ok
11:35:08.0919 24688 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:35:08.0975 24688 HidBth - ok
11:35:09.0094 24688 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:35:09.0141 24688 HidIr - ok
11:35:09.0238 24688 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:35:09.0340 24688 hidserv - ok
11:35:09.0478 24688 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:35:09.0507 24688 HidUsb - ok
11:35:09.0549 24688 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:35:09.0644 24688 hkmsvc - ok
11:35:09.0743 24688 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:35:09.0801 24688 HomeGroupListener - ok
11:35:09.0894 24688 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:35:09.0948 24688 HomeGroupProvider - ok
11:35:10.0170 24688 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:35:10.0195 24688 hpqcxs08 - ok
11:35:10.0218 24688 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:35:10.0239 24688 hpqddsvc - ok
11:35:10.0352 24688 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:35:10.0378 24688 HpSAMD - ok
11:35:10.0434 24688 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:35:10.0556 24688 HTTP - ok
11:35:10.0629 24688 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:35:10.0652 24688 hwpolicy - ok
11:35:10.0782 24688 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:35:10.0814 24688 i8042prt - ok
11:35:10.0871 24688 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
11:35:10.0905 24688 iaStor - ok
11:35:11.0006 24688 IAStorDataMgrSvc (48362e5db5cb2c000c514ee1f3890acd) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:35:11.0023 24688 IAStorDataMgrSvc - ok
11:35:11.0162 24688 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
11:35:11.0200 24688 iaStorV - ok
11:35:11.0298 24688 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:35:11.0366 24688 idsvc - ok
11:35:11.0583 24688 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:35:11.0880 24688 igfx - ok
11:35:11.0983 24688 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:35:12.0007 24688 iirsp - ok
11:35:12.0075 24688 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:35:12.0213 24688 IKEEXT - ok
11:35:12.0319 24688 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
11:35:12.0357 24688 Impcd - ok
11:35:12.0500 24688 IntcAzAudAddService (53019327813ff5ab2964b33b2c61307c) C:\Windows\system32\drivers\RTKVHD64.sys
11:35:12.0626 24688 IntcAzAudAddService - ok
11:35:12.0730 24688 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:35:12.0753 24688 intelide - ok
11:35:12.0810 24688 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:35:12.0856 24688 intelppm - ok
11:35:12.0934 24688 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:35:13.0023 24688 IPBusEnum - ok
11:35:13.0063 24688 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:35:13.0155 24688 IpFilterDriver - ok
11:35:13.0204 24688 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:35:13.0311 24688 iphlpsvc - ok
11:35:13.0369 24688 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:35:13.0415 24688 IPMIDRV - ok
11:35:13.0453 24688 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:35:13.0561 24688 IPNAT - ok
11:35:13.0710 24688 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
11:35:13.0779 24688 iPod Service - ok
11:35:13.0896 24688 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:35:13.0959 24688 IRENUM - ok
11:35:14.0058 24688 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:35:14.0082 24688 isapnp - ok
11:35:14.0136 24688 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:35:14.0170 24688 iScsiPrt - ok
11:35:14.0224 24688 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
11:35:14.0255 24688 k57nd60a - ok
11:35:14.0346 24688 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
11:35:14.0371 24688 kbdclass - ok
11:35:14.0421 24688 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
11:35:14.0465 24688 kbdhid - ok
11:35:14.0506 24688 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:35:14.0537 24688 KeyIso - ok
11:35:14.0558 24688 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:35:14.0584 24688 KSecDD - ok
11:35:14.0611 24688 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:35:14.0639 24688 KSecPkg - ok
11:35:14.0678 24688 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:35:14.0768 24688 ksthunk - ok
11:35:14.0814 24688 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:35:14.0912 24688 KtmRm - ok
11:35:15.0019 24688 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
11:35:15.0065 24688 L1E - ok
11:35:15.0171 24688 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
11:35:15.0280 24688 LanmanServer - ok
11:35:15.0313 24688 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:35:15.0422 24688 LanmanWorkstation - ok
11:35:15.0535 24688 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:35:15.0636 24688 lltdio - ok
11:35:15.0710 24688 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:35:15.0820 24688 lltdsvc - ok
11:35:15.0850 24688 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:35:15.0946 24688 lmhosts - ok
11:35:16.0037 24688 LMS (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:35:16.0061 24688 LMS - ok
11:35:16.0168 24688 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:35:16.0195 24688 LSI_FC - ok
11:35:16.0226 24688 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:35:16.0252 24688 LSI_SAS - ok
11:35:16.0276 24688 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:35:16.0301 24688 LSI_SAS2 - ok
11:35:16.0324 24688 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:35:16.0351 24688 LSI_SCSI - ok
11:35:16.0373 24688 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:35:16.0476 24688 luafv - ok
11:35:16.0583 24688 MBAMProtector - ok
11:35:16.0692 24688 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:35:16.0736 24688 MBAMService - ok
11:35:16.0842 24688 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:35:16.0891 24688 Mcx2Svc - ok
11:35:16.0948 24688 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:35:16.0972 24688 megasas - ok
11:35:16.0993 24688 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:35:17.0026 24688 MegaSR - ok
11:35:17.0146 24688 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
11:35:17.0167 24688 Microsoft Office Groove Audit Service - ok
11:35:17.0247 24688 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:35:17.0346 24688 MMCSS - ok
11:35:17.0410 24688 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:35:17.0510 24688 Modem - ok
11:35:17.0608 24688 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:35:17.0661 24688 monitor - ok
11:35:17.0770 24688 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:35:17.0794 24688 mouclass - ok
11:35:17.0897 24688 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:35:17.0940 24688 mouhid - ok
11:35:18.0035 24688 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:35:18.0060 24688 mountmgr - ok
11:35:18.0110 24688 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:35:18.0139 24688 mpio - ok
11:35:18.0176 24688 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:35:18.0279 24688 mpsdrv - ok
11:35:18.0335 24688 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:35:18.0466 24688 MpsSvc - ok
11:35:18.0586 24688 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:35:18.0650 24688 MRxDAV - ok
11:35:18.0693 24688 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:35:18.0735 24688 mrxsmb - ok
11:35:18.0778 24688 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:35:18.0824 24688 mrxsmb10 - ok
11:35:18.0868 24688 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:35:18.0897 24688 mrxsmb20 - ok
11:35:18.0943 24688 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:35:18.0968 24688 msahci - ok
11:35:19.0019 24688 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:35:19.0047 24688 msdsm - ok
11:35:19.0073 24688 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:35:19.0123 24688 MSDTC - ok
11:35:19.0201 24688 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:35:19.0283 24688 Msfs - ok
11:35:19.0346 24688 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:35:19.0442 24688 mshidkmdf - ok
11:35:19.0485 24688 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:35:19.0507 24688 msisadrv - ok
11:35:19.0567 24688 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:35:19.0675 24688 MSiSCSI - ok
11:35:19.0733 24688 msiserver - ok
11:35:19.0793 24688 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:35:19.0895 24688 MSKSSRV - ok
11:35:19.0992 24688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:35:20.0086 24688 MSPCLOCK - ok
11:35:20.0098 24688 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:35:20.0180 24688 MSPQM - ok
11:35:20.0220 24688 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:35:20.0255 24688 MsRPC - ok
11:35:20.0299 24688 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:35:20.0324 24688 mssmbios - ok
11:35:20.0345 24688 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:35:20.0438 24688 MSTEE - ok
11:35:20.0460 24688 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:35:20.0508 24688 MTConfig - ok
11:35:20.0609 24688 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:35:20.0633 24688 Mup - ok
11:35:20.0684 24688 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:35:20.0702 24688 mwlPSDFilter - ok
11:35:20.0799 24688 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:35:20.0816 24688 mwlPSDNServ - ok
11:35:20.0835 24688 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:35:20.0855 24688 mwlPSDVDisk - ok
11:35:21.0160 24688 MWLService (22a4905c958beb68d78385b633c1351b) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
11:35:21.0188 24688 MWLService - ok
11:35:21.0290 24688 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:35:21.0419 24688 napagent - ok
11:35:21.0527 24688 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:35:21.0596 24688 NativeWifiP - ok
11:35:21.0658 24688 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:35:21.0722 24688 NDIS - ok
11:35:21.0826 24688 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:35:21.0930 24688 NdisCap - ok
11:35:22.0034 24688 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:35:22.0116 24688 NdisTapi - ok
11:35:22.0158 24688 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:35:22.0257 24688 Ndisuio - ok
11:35:22.0302 24688 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:35:22.0397 24688 NdisWan - ok
11:35:22.0446 24688 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:35:22.0547 24688 NDProxy - ok
11:35:22.0606 24688 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
11:35:22.0632 24688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:35:22.0632 24688 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:35:22.0726 24688 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:35:22.0822 24688 NetBIOS - ok
11:35:22.0871 24688 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:35:22.0973 24688 NetBT - ok
11:35:23.0017 24688 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:35:23.0049 24688 Netlogon - ok
11:35:23.0098 24688 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:35:23.0214 24688 Netman - ok
11:35:23.0338 24688 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:23.0362 24688 NetMsmqActivator - ok
11:35:23.0368 24688 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:23.0390 24688 NetPipeActivator - ok
11:35:23.0441 24688 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:35:23.0553 24688 netprofm - ok
11:35:23.0694 24688 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:23.0714 24688 NetTcpActivator - ok
11:35:23.0720 24688 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:23.0742 24688 NetTcpPortSharing - ok
11:35:23.0814 24688 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:35:23.0841 24688 nfrd960 - ok
11:35:23.0906 24688 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:35:24.0010 24688 NlaSvc - ok
11:35:24.0087 24688 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:35:24.0169 24688 Npfs - ok
11:35:24.0197 24688 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:35:24.0290 24688 nsi - ok
11:35:24.0317 24688 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:35:24.0408 24688 nsiproxy - ok
11:35:24.0475 24688 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
11:35:24.0579 24688 Ntfs - ok
11:35:24.0676 24688 NTI IScheduleSvc (5b3ce960c62dbe864be9a0bd043a3e30) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
11:35:24.0705 24688 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning
11:35:24.0705 24688 NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1)
11:35:24.0791 24688 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
11:35:24.0810 24688 NTIDrvr - ok
11:35:24.0847 24688 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:35:24.0948 24688 Null - ok
11:35:25.0006 24688 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
11:35:25.0034 24688 nvraid - ok
11:35:25.0128 24688 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
11:35:25.0158 24688 nvstor - ok
11:35:25.0212 24688 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:35:25.0240 24688 nv_agp - ok
11:35:25.0380 24688 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:35:25.0416 24688 odserv - ok
11:35:25.0507 24688 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:35:25.0557 24688 ohci1394 - ok
11:35:25.0654 24688 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:35:25.0679 24688 ose - ok
11:35:25.0762 24688 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:35:25.0823 24688 p2pimsvc - ok
11:35:25.0863 24688 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:35:25.0917 24688 p2psvc - ok
11:35:25.0962 24688 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:35:26.0008 24688 Parport - ok
11:35:26.0038 24688 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:35:26.0063 24688 partmgr - ok
11:35:26.0100 24688 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:35:26.0162 24688 PcaSvc - ok
11:35:26.0248 24688 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:35:26.0293 24688 pccsmcfd - ok
11:35:26.0389 24688 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:35:26.0418 24688 pci - ok
11:35:26.0460 24688 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:35:26.0484 24688 pciide - ok
11:35:26.0515 24688 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:35:26.0548 24688 pcmcia - ok
11:35:26.0668 24688 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
11:35:26.0694 24688 pcouffin - ok
11:35:26.0735 24688 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:35:26.0759 24688 pcw - ok
11:35:26.0792 24688 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:35:26.0906 24688 PEAUTH - ok
11:35:26.0971 24688 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:35:27.0018 24688 PerfHost - ok
11:35:27.0128 24688 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:35:27.0291 24688 pla - ok
11:35:27.0390 24688 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:35:27.0445 24688 PlugPlay - ok
11:35:27.0559 24688 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
11:35:27.0592 24688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:35:27.0593 24688 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:35:27.0623 24688 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:35:27.0666 24688 PNRPAutoReg - ok
11:35:27.0763 24688 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:35:27.0801 24688 PNRPsvc - ok
11:35:27.0846 24688 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:35:27.0940 24688 PolicyAgent - ok
11:35:27.0984 24688 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:35:28.0087 24688 Power - ok
11:35:28.0200 24688 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:35:28.0295 24688 PptpMiniport - ok
11:35:28.0330 24688 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:35:28.0376 24688 Processor - ok
11:35:28.0417 24688 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
11:35:28.0527 24688 ProfSvc - ok
11:35:28.0573 24688 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:35:28.0604 24688 ProtectedStorage - ok
11:35:28.0731 24688 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:35:28.0839 24688 Psched - ok
11:35:28.0973 24688 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
11:35:28.0993 24688 PSI - ok
11:35:29.0089 24688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:35:29.0193 24688 ql2300 - ok
11:35:29.0287 24688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:35:29.0315 24688 ql40xx - ok
11:35:29.0350 24688 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:35:29.0402 24688 QWAVE - ok
11:35:29.0472 24688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:35:29.0532 24688 QWAVEdrv - ok
11:35:29.0566 24688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:35:29.0662 24688 RasAcd - ok
11:35:29.0768 24688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:29.0872 24688 RasAgileVpn - ok
11:35:29.0956 24688 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:35:30.0061 24688 RasAuto - ok
11:35:30.0177 24688 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:30.0269 24688 Rasl2tp - ok
11:35:30.0319 24688 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:35:30.0424 24688 RasMan - ok
11:35:30.0486 24688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:30.0590 24688 RasPppoe - ok
11:35:30.0666 24688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:35:30.0768 24688 RasSstp - ok
11:35:30.0809 24688 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:35:30.0913 24688 rdbss - ok
11:35:30.0958 24688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:35:31.0006 24688 rdpbus - ok
11:35:31.0031 24688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:35:31.0123 24688 RDPCDD - ok
11:35:31.0139 24688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:35:31.0223 24688 RDPENCDD - ok
11:35:31.0254 24688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:35:31.0335 24688 RDPREFMP - ok
11:35:31.0376 24688 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
11:35:31.0406 24688 RDPWD - ok
11:35:31.0446 24688 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:35:31.0473 24688 rdyboost - ok
11:35:31.0508 24688 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:35:31.0607 24688 RemoteAccess - ok
11:35:31.0639 24688 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:35:31.0742 24688 RemoteRegistry - ok
11:35:31.0764 24688 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:35:31.0878 24688 RpcEptMapper - ok
11:35:31.0921 24688 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:35:31.0954 24688 RpcLocator - ok
11:35:32.0004 24688 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:35:32.0099 24688 RpcSs - ok
11:35:32.0156 24688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:35:32.0244 24688 rspndr - ok
11:35:32.0328 24688 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:35:32.0358 24688 SamSs - ok
11:35:32.0401 24688 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:35:32.0428 24688 sbp2port - ok
11:35:32.0467 24688 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:35:32.0572 24688 SCardSvr - ok
11:35:32.0722 24688 SCDEmu (46942b6980b35ffda6afa40a8328938c) C:\Windows\system32\drivers\SCDEmu.sys
11:35:32.0746 24688 SCDEmu - ok
11:35:32.0787 24688 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:35:32.0882 24688 scfilter - ok
11:35:32.0947 24688 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:35:33.0105 24688 Schedule - ok
11:35:33.0206 24688 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:35:33.0287 24688 SCPolicySvc - ok
11:35:33.0431 24688 ScsiAccess (958e956e119eb7b9aba142afed1b5ff4) C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
11:35:33.0454 24688 ScsiAccess - ok
11:35:33.0542 24688 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:35:33.0598 24688 SDRSVC - ok
11:35:33.0685 24688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:35:33.0781 24688 secdrv - ok
11:35:33.0813 24688 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:35:33.0914 24688 seclogon - ok
11:35:34.0050 24688 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\psia.exe
11:35:34.0120 24688 Secunia PSI Agent - ok
11:35:34.0168 24688 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
11:35:34.0200 24688 Secunia Update Agent - ok
11:35:34.0272 24688 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:35:34.0360 24688 SENS - ok
11:35:34.0379 24688 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:35:34.0412 24688 SensrSvc - ok
11:35:34.0450 24688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:35:34.0497 24688 Serenum - ok
11:35:34.0595 24688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:35:34.0641 24688 Serial - ok
11:35:34.0750 24688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:35:34.0794 24688 sermouse - ok
11:35:34.0842 24688 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:35:34.0946 24688 SessionEnv - ok
11:35:35.0043 24688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:35:35.0091 24688 sffdisk - ok
11:35:35.0176 24688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:35:35.0228 24688 sffp_mmc - ok
11:35:35.0348 24688 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:35:35.0401 24688 sffp_sd - ok
11:35:35.0429 24688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:35:35.0478 24688 sfloppy - ok
11:35:35.0610 24688 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:35:35.0712 24688 SharedAccess - ok
11:35:35.0750 24688 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:35:35.0843 24688 ShellHWDetection - ok
11:35:35.0898 24688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:35:35.0923 24688 SiSRaid2 - ok
11:35:35.0947 24688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:35:35.0971 24688 SiSRaid4 - ok
11:35:36.0017 24688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:35:36.0093 24688 Smb - ok
11:35:36.0195 24688 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:35:36.0239 24688 SNMPTRAP - ok
11:35:36.0279 24688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:35:36.0303 24688 spldr - ok
11:35:36.0345 24688 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:35:36.0449 24688 Spooler - ok
11:35:36.0565 24688 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:35:36.0786 24688 sppsvc - ok
11:35:36.0870 24688 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:35:36.0979 24688 sppuinotify - ok
11:35:37.0103 24688 sptd (aa90a319bb067e0d149b4c95608c4b05) C:\Windows\system32\Drivers\sptd.sys
11:35:37.0161 24688 sptd - ok
11:35:37.0214 24688 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:35:37.0272 24688 srv - ok
11:35:37.0314 24688 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:35:37.0369 24688 srv2 - ok
11:35:37.0413 24688 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:35:37.0462 24688 srvnet - ok
11:35:37.0495 24688 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:35:37.0600 24688 SSDPSRV - ok
11:35:37.0632 24688 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:35:37.0735 24688 SstpSvc - ok
11:35:37.0826 24688 Steam Client Service - ok
11:35:37.0908 24688 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:35:37.0931 24688 stexstor - ok
11:35:37.0989 24688 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:35:38.0056 24688 stisvc - ok
11:35:38.0154 24688 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:35:38.0178 24688 swenum - ok
11:35:38.0215 24688 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:35:38.0318 24688 swprv - ok
11:35:38.0396 24688 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:35:38.0527 24688 SysMain - ok
11:35:38.0614 24688 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:35:38.0662 24688 TabletInputService - ok
11:35:38.0787 24688 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
11:35:38.0807 24688 taphss - ok
11:35:38.0860 24688 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:35:38.0952 24688 TapiSrv - ok
11:35:38.0990 24688 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:35:39.0104 24688 TBS - ok
11:35:39.0180 24688 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:35:39.0301 24688 Tcpip - ok
11:35:39.0447 24688 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:35:39.0530 24688 TCPIP6 - ok
11:35:39.0563 24688 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:35:39.0664 24688 tcpipreg - ok
11:35:39.0704 24688 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:35:39.0751 24688 TDPIPE - ok
11:35:39.0866 24688 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:35:39.0894 24688 TDTCP - ok
11:35:39.0947 24688 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:35:40.0045 24688 tdx - ok
11:35:40.0156 24688 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:35:40.0182 24688 TermDD - ok
11:35:40.0237 24688 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:35:40.0334 24688 TermService - ok
11:35:40.0371 24688 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:35:40.0434 24688 Themes - ok
11:35:40.0480 24688 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:35:40.0566 24688 THREADORDER - ok
11:35:40.0595 24688 ToolkitDisk (5c248e03921137e131ac5f1459fd42c9) C:\Windows\system32\Drivers\toolkitdisk.sys
11:35:40.0615 24688 ToolkitDisk - ok
11:35:40.0756 24688 ToolkitSvc (656db27c5b900edba35dedec38bf7d03) C:\Program Files (x86)\ToolKitService\ToolkitService.exe
11:35:40.0793 24688 ToolkitSvc - ok
11:35:40.0871 24688 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:35:40.0961 24688 TrkWks - ok
11:35:41.0021 24688 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:35:41.0105 24688 TrustedInstaller - ok
11:35:41.0177 24688 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:41.0258 24688 tssecsrv - ok
11:35:41.0312 24688 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:35:41.0359 24688 TsUsbFlt - ok
11:35:41.0475 24688 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:35:41.0571 24688 tunnel - ok
11:35:41.0669 24688 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
11:35:41.0689 24688 TurboB - ok
11:35:41.0761 24688 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
11:35:41.0784 24688 TurboBoost - ok
11:35:41.0870 24688 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:35:41.0896 24688 uagp35 - ok
11:35:41.0921 24688 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
11:35:41.0940 24688 UBHelper - ok
11:35:41.0991 24688 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:35:42.0096 24688 udfs - ok
11:35:42.0142 24688 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:35:42.0193 24688 UI0Detect - ok
11:35:42.0302 24688 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:35:42.0327 24688 uliagpkx - ok
11:35:42.0389 24688 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
11:35:42.0438 24688 umbus - ok
11:35:42.0545 24688 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:35:42.0592 24688 UmPass - ok
11:35:42.0755 24688 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:35:42.0891 24688 UNS - ok
11:35:42.0981 24688 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:35:43.0007 24688 Updater Service - ok
11:35:43.0099 24688 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:35:43.0195 24688 upnphost - ok
11:35:43.0273 24688 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:35:43.0316 24688 USBAAPL64 - ok
11:35:43.0410 24688 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:43.0452 24688 usbccgp - ok
11:35:43.0566 24688 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:35:43.0603 24688 usbcir - ok
11:35:43.0628 24688 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
11:35:43.0678 24688 usbehci - ok
11:35:43.0790 24688 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
11:35:43.0840 24688 usbhub - ok
11:35:43.0879 24688 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
11:35:43.0910 24688 usbohci - ok
11:35:44.0013 24688 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:35:44.0068 24688 usbprint - ok
11:35:44.0167 24688 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:35:44.0216 24688 usbscan - ok
11:35:44.0328 24688 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:44.0374 24688 USBSTOR - ok
11:35:44.0414 24688 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
11:35:44.0464 24688 usbuhci - ok
11:35:44.0570 24688 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
11:35:44.0623 24688 usbvideo - ok
11:35:44.0656 24688 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:35:44.0757 24688 UxSms - ok
11:35:44.0795 24688 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:35:44.0826 24688 VaultSvc - ok
11:35:44.0879 24688 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:35:44.0903 24688 vdrvroot - ok
11:35:44.0995 24688 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:35:45.0122 24688 vds - ok
11:35:45.0211 24688 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:45.0247 24688 vga - ok
11:35:45.0265 24688 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:35:45.0364 24688 VgaSave - ok
11:35:45.0402 24688 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:35:45.0433 24688 vhdmp - ok
11:35:45.0471 24688 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:35:45.0495 24688 viaide - ok
11:35:45.0546 24688 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:35:45.0571 24688 volmgr - ok
11:35:45.0662 24688 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:35:45.0698 24688 volmgrx - ok
11:35:45.0752 24688 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:35:45.0784 24688 volsnap - ok
11:35:45.0841 24688 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:45.0870 24688 vsmraid - ok
11:35:45.0992 24688 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:35:46.0161 24688 VSS - ok
11:35:46.0244 24688 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:35:46.0281 24688 vwifibus - ok
11:35:46.0295 24688 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:35:46.0354 24688 vwififlt - ok
11:35:46.0443 24688 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:35:46.0500 24688 vwifimp - ok
11:35:46.0540 24688 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:35:46.0638 24688 W32Time - ok
11:35:46.0671 24688 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:35:46.0715 24688 WacomPen - ok
11:35:46.0835 24688 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:35:46.0910 24688 WANARP - ok
11:35:46.0916 24688 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:35:47.0000 24688 Wanarpv6 - ok
11:35:47.0144 24688 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:47.0230 24688 WatAdminSvc - ok
11:35:47.0343 24688 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:35:47.0461 24688 wbengine - ok
11:35:47.0552 24688 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:35:47.0615 24688 WbioSrvc - ok
11:35:47.0660 24688 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:35:47.0736 24688 wcncsvc - ok
11:35:47.0777 24688 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:35:47.0827 24688 WcsPlugInService - ok
11:35:47.0865 24688 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:35:47.0889 24688 Wd - ok
11:35:47.0926 24688 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:35:47.0972 24688 Wdf01000 - ok
11:35:48.0001 24688 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:35:48.0065 24688 WdiServiceHost - ok
11:35:48.0071 24688 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:35:48.0119 24688 WdiSystemHost - ok
11:35:48.0166 24688 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:35:48.0233 24688 WebClient - ok
11:35:48.0268 24688 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:35:48.0374 24688 Wecsvc - ok
11:35:48.0401 24688 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:35:48.0510 24688 wercplsupport - ok
11:35:48.0600 24688 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:35:48.0688 24688 WerSvc - ok
11:35:48.0748 24688 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:48.0831 24688 WfpLwf - ok
11:35:48.0849 24688 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:35:48.0873 24688 WIMMount - ok
11:35:48.0914 24688 WinDefend - ok
11:35:48.0928 24688 WinHttpAutoProxySvc - ok
11:35:49.0023 24688 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:35:49.0119 24688 Winmgmt - ok
11:35:49.0253 24688 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:35:49.0445 24688 WinRM - ok
11:35:49.0587 24688 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:49.0628 24688 WinUsb - ok
11:35:49.0691 24688 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:35:49.0800 24688 Wlansvc - ok
11:35:49.0904 24688 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:35:49.0949 24688 WmiAcpi - ok
11:35:50.0014 24688 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:35:50.0051 24688 wmiApSrv - ok
11:35:50.0105 24688 WMPNetworkSvc - ok
11:35:50.0197 24688 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:35:50.0230 24688 WPCSvc - ok
11:35:50.0281 24688 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:35:50.0321 24688 WPDBusEnum - ok
11:35:50.0356 24688 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:35:50.0456 24688 ws2ifsl - ok
11:35:50.0493 24688 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
11:35:50.0541 24688 wscsvc - ok
11:35:50.0552 24688 WSearch - ok
11:35:50.0646 24688 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
11:35:50.0852 24688 wuauserv - ok
11:35:50.0952 24688 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:35:51.0055 24688 WudfPf - ok
11:35:51.0180 24688 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:51.0266 24688 WUDFRd - ok
11:35:51.0305 24688 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:35:51.0394 24688 wudfsvc - ok
11:35:51.0431 24688 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:35:51.0484 24688 WwanSvc - ok
11:35:51.0543 24688 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:35:51.0585 24688 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
11:35:51.0586 24688 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
11:35:52.0450 24688 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:35:52.0450 24688 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:35:52.0486 24688 Boot (0x1200) (bbb847b04b388c514fd80d0f0ab866df) \Device\Harddisk0\DR0\Partition0
11:35:52.0488 24688 \Device\Harddisk0\DR0\Partition0 - ok
11:35:52.0500 24688 Boot (0x1200) (c396a0cd6f4d60337d67c32cf4b3308a) \Device\Harddisk0\DR0\Partition1
11:35:52.0502 24688 \Device\Harddisk0\DR0\Partition1 - ok
11:35:52.0502 24688 ============================================================
11:35:52.0502 24688 Scan finished
11:35:52.0503 24688 ============================================================
11:35:52.0521 19708 Detected object count: 5
11:35:52.0521 19708 Actual detected object count: 5
11:36:51.0492 19708 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:51.0492 19708 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:51.0495 19708 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:51.0495 19708 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:51.0496 19708 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:36:51.0496 19708 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:36:51.0594 19708 \Device\Harddisk0\DR0\# - copied to quarantine
11:36:51.0595 19708 \Device\Harddisk0\DR0 - copied to quarantine
11:36:51.0669 19708 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
11:36:51.0680 19708 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
11:36:51.0692 19708 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
11:36:51.0703 19708 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
11:36:51.0714 19708 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
11:36:51.0725 19708 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
11:36:58.0959 19708 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
11:36:59.0158 19708 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
11:36:59.0236 19708 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
11:37:04.0702 19708 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:37:04.0757 19708 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:37:04.0837 19708 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:37:04.0939 19708 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:37:05.0041 19708 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
11:37:05.0044 19708 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
11:37:05.0047 19708 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
11:37:05.0050 19708 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
11:37:05.0093 19708 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
11:37:05.0172 19708 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
11:37:05.0280 19708 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
11:37:05.0409 19708 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
11:37:05.0446 19708 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
11:37:05.0505 19708 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
11:37:05.0559 19708 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
11:37:05.0803 19708 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
11:37:05.0804 19708 \Device\Harddisk0\DR0 - ok
11:37:06.0082 19708 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
11:37:06.0083 19708 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:37:06.0083 19708 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:37:50.0636 26708 Deinitialize success

#4 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 05 April 2012 - 12:04 PM

Sorry for double post but it has been just over an hour and not a single avast popup has occured. Google has also stopped redirecting me. Thank you very much for the help, I will post again later on with the status of my situation =)

Thanks again.

#5 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 17,441 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 05 April 2012 - 01:47 PM

TDSSKiller is fine, but your MBAM database version is very old. Please try again:

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.


In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

#6 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 05 April 2012 - 02:56 PM

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.05.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alex :: ALEX-PC [administrator]
Protection: Disabled
05/04/2012 3:42:33 PM
mbam-log-2012-04-05 (15-42-33).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241601
Time elapsed: 9 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

15:52:47.0632 8904 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
15:52:48.0114 8904 ============================================================
15:52:48.0114 8904 Current date / time: 2012/04/05 15:52:48.0114
15:52:48.0114 8904 SystemInfo:
15:52:48.0114 8904
15:52:48.0114 8904 OS Version: 6.1.7601 ServicePack: 1.0
15:52:48.0114 8904 Product type: Workstation
15:52:48.0115 8904 ComputerName: ALEX-PC
15:52:48.0115 8904 UserName: Alex
15:52:48.0115 8904 Windows directory: C:\Windows
15:52:48.0115 8904 System windows directory: C:\Windows
15:52:48.0115 8904 Running under WOW64
15:52:48.0115 8904 Processor architecture: Intel x64
15:52:48.0115 8904 Number of processors: 4
15:52:48.0115 8904 Page size: 0x1000
15:52:48.0115 8904 Boot type: Normal boot
15:52:48.0115 8904 ============================================================
15:52:48.0846 8904 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:52:48.0857 8904 \Device\Harddisk0\DR0:
15:52:48.0858 8904 MBR used
15:52:48.0858 8904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
15:52:48.0858 8904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x48EC12B0
15:52:48.0888 8904 Initialize success
15:52:48.0888 8904 ============================================================
15:52:54.0821 8564 ============================================================
15:52:54.0822 8564 Scan started
15:52:54.0822 8564 Mode: Manual; SigCheck; TDLFS;
15:52:54.0822 8564 ============================================================
15:52:55.0955 8564 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:52:56.0186 8564 1394ohci - ok
15:52:56.0315 8564 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:52:56.0353 8564 ACPI - ok
15:52:56.0421 8564 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:52:56.0510 8564 AcpiPmi - ok
15:52:56.0648 8564 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:52:56.0680 8564 AdobeFlashPlayerUpdateSvc - ok
15:52:56.0809 8564 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:52:56.0855 8564 adp94xx - ok
15:52:57.0052 8564 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:52:57.0085 8564 adpahci - ok
15:52:57.0140 8564 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:52:57.0164 8564 adpu320 - ok
15:52:57.0206 8564 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:52:57.0398 8564 AeLookupSvc - ok
15:52:57.0517 8564 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:52:57.0606 8564 AFD - ok
15:52:57.0714 8564 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:52:57.0735 8564 agp440 - ok
15:52:57.0786 8564 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:52:57.0855 8564 ALG - ok
15:52:57.0996 8564 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:52:58.0018 8564 aliide - ok
15:52:58.0064 8564 AMD External Events Utility (3d90cf67db75823a8480e56bbcd2e028) C:\Windows\system32\atiesrxx.exe
15:52:58.0154 8564 AMD External Events Utility - ok
15:52:58.0282 8564 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:52:58.0302 8564 amdide - ok
15:52:58.0357 8564 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:52:58.0412 8564 AmdK8 - ok
15:52:58.0687 8564 amdkmdag (52679612d742bf74ca1ba6ab86ddf431) C:\Windows\system32\DRIVERS\atipmdag.sys
15:52:58.0982 8564 amdkmdag - ok
15:52:59.0089 8564 amdkmdap (414e0788920a8c856032be2cbf29f984) C:\Windows\system32\DRIVERS\atikmpag.sys
15:52:59.0148 8564 amdkmdap - ok
15:52:59.0249 8564 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:52:59.0298 8564 AmdPPM - ok
15:52:59.0412 8564 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
15:52:59.0434 8564 amdsata - ok
15:52:59.0470 8564 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:52:59.0496 8564 amdsbs - ok
15:52:59.0540 8564 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
15:52:59.0561 8564 amdxata - ok
15:52:59.0660 8564 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
15:52:59.0701 8564 AmUStor - ok
15:52:59.0820 8564 ApfiltrService (fab590e0fc28cb474b965f8267458e14) C:\Windows\system32\DRIVERS\Apfiltr.sys
15:52:59.0918 8564 ApfiltrService - ok
15:53:00.0024 8564 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:53:00.0271 8564 AppID - ok
15:53:00.0374 8564 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:53:00.0476 8564 AppIDSvc - ok
15:53:00.0592 8564 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:53:00.0683 8564 Appinfo - ok
15:53:00.0815 8564 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:53:00.0832 8564 Apple Mobile Device - ok
15:53:00.0937 8564 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:53:00.0960 8564 arc - ok
15:53:00.0993 8564 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:53:01.0016 8564 arcsas - ok
15:53:01.0173 8564 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:53:01.0213 8564 aspnet_state - ok
15:53:01.0287 8564 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
15:53:01.0316 8564 aswFsBlk - ok
15:53:01.0466 8564 aswFW (ffe56ac75a257141561daf42c3f7d16b) C:\Windows\system32\drivers\aswFW.sys
15:53:01.0495 8564 aswFW - ok
15:53:01.0662 8564 aswKbd (316271cc32fdfffcdb30677684906d5e) C:\Windows\system32\drivers\aswKbd.sys
15:53:01.0679 8564 aswKbd - ok
15:53:01.0830 8564 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
15:53:01.0854 8564 aswMonFlt - ok
15:53:01.0979 8564 aswNdis (518b8d447a1975ab46da093a2e743256) C:\Windows\system32\DRIVERS\aswNdis.sys
15:53:01.0993 8564 aswNdis - ok
15:53:02.0152 8564 aswNdis2 (36dbcb80e0af1dc228f495faf00a4bc8) C:\Windows\system32\drivers\aswNdis2.sys
15:53:02.0176 8564 aswNdis2 - ok
15:53:02.0308 8564 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
15:53:02.0324 8564 aswRdr - ok
15:53:02.0469 8564 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
15:53:02.0518 8564 aswSnx - ok
15:53:02.0592 8564 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
15:53:02.0618 8564 aswSP - ok
15:53:02.0678 8564 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
15:53:02.0693 8564 aswTdi - ok
15:53:02.0814 8564 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:53:02.0920 8564 AsyncMac - ok
15:53:03.0087 8564 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:53:03.0110 8564 atapi - ok
15:53:03.0264 8564 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys
15:53:03.0438 8564 athr - ok
15:53:03.0564 8564 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
15:53:03.0586 8564 AtiHdmiService - ok
15:53:03.0673 8564 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:53:03.0805 8564 AudioEndpointBuilder - ok
15:53:03.0827 8564 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:53:03.0920 8564 AudioSrv - ok
15:53:04.0024 8564 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
15:53:04.0043 8564 avast! Antivirus - ok
15:53:04.0076 8564 avast! Firewall (7d465549dfb0eca6601e9609c72cd20a) C:\Program Files\Alwil Software\Avast5\afwServ.exe
15:53:04.0094 8564 avast! Firewall - ok
15:53:04.0207 8564 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:53:04.0309 8564 AxInstSV - ok
15:53:04.0430 8564 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:53:04.0502 8564 b06bdrv - ok
15:53:04.0622 8564 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:53:04.0694 8564 b57nd60a - ok
15:53:04.0817 8564 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
15:53:04.0921 8564 BCM43XX - ok
15:53:05.0022 8564 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:53:05.0078 8564 BDESVC - ok
15:53:05.0180 8564 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:53:05.0285 8564 Beep - ok
15:53:05.0390 8564 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:53:05.0502 8564 BFE - ok
15:53:05.0547 8564 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:53:05.0726 8564 BITS - ok
15:53:05.0829 8564 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:53:05.0875 8564 blbdrive - ok
15:53:05.0979 8564 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:53:06.0011 8564 Bonjour Service - ok
15:53:06.0127 8564 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:53:06.0197 8564 bowser - ok
15:53:06.0336 8564 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:53:06.0388 8564 BrFiltLo - ok
15:53:06.0505 8564 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:53:06.0559 8564 BrFiltUp - ok
15:53:06.0679 8564 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:53:06.0784 8564 Browser - ok
15:53:06.0897 8564 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:53:06.0976 8564 Brserid - ok
15:53:07.0107 8564 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:53:07.0154 8564 BrSerWdm - ok
15:53:07.0263 8564 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:53:07.0315 8564 BrUsbMdm - ok
15:53:07.0453 8564 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:53:07.0500 8564 BrUsbSer - ok
15:53:07.0606 8564 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:53:07.0660 8564 BTHMODEM - ok
15:53:07.0770 8564 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:53:07.0876 8564 bthserv - ok
15:53:07.0955 8564 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:53:08.0043 8564 cdfs - ok
15:53:08.0164 8564 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:53:08.0208 8564 cdrom - ok
15:53:08.0321 8564 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:53:08.0416 8564 CertPropSvc - ok
15:53:08.0531 8564 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:53:08.0587 8564 circlass - ok
15:53:08.0677 8564 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:53:08.0712 8564 CLFS - ok
15:53:08.0781 8564 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:53:08.0801 8564 clr_optimization_v2.0.50727_32 - ok
15:53:08.0850 8564 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:53:08.0873 8564 clr_optimization_v2.0.50727_64 - ok
15:53:09.0008 8564 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:53:09.0027 8564 clr_optimization_v4.0.30319_32 - ok
15:53:09.0096 8564 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:53:09.0130 8564 clr_optimization_v4.0.30319_64 - ok
15:53:09.0216 8564 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:53:09.0273 8564 CmBatt - ok
15:53:09.0380 8564 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:53:09.0405 8564 cmdide - ok
15:53:09.0444 8564 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:53:09.0507 8564 CNG - ok
15:53:09.0640 8564 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:53:09.0659 8564 Compbatt - ok
15:53:09.0793 8564 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:53:09.0847 8564 CompositeBus - ok
15:53:09.0915 8564 COMSysApp - ok
15:53:09.0987 8564 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:53:10.0010 8564 crcdisk - ok
15:53:10.0151 8564 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
15:53:10.0265 8564 CryptSvc - ok
15:53:10.0376 8564 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:53:10.0497 8564 DcomLaunch - ok
15:53:10.0596 8564 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:53:10.0696 8564 defragsvc - ok
15:53:10.0819 8564 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:53:10.0915 8564 DfsC - ok
15:53:10.0989 8564 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:53:11.0079 8564 Dhcp - ok
15:53:11.0143 8564 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:53:11.0249 8564 discache - ok
15:53:11.0351 8564 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:53:11.0373 8564 Disk - ok
15:53:11.0561 8564 Diskeeper (e50664f505d80fc2bed3186807609c22) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
15:53:11.0704 8564 Diskeeper - ok
15:53:11.0819 8564 DKRtWrt (20c394c80113d77406df8f1adc720b01) C:\Windows\system32\DRIVERS\DKRtWrt.sys
15:53:11.0834 8564 DKRtWrt - ok
15:53:11.0874 8564 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:53:11.0910 8564 Dnscache - ok
15:53:11.0954 8564 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:53:12.0061 8564 dot3svc - ok
15:53:12.0190 8564 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:53:12.0238 8564 Dot4 - ok
15:53:12.0342 8564 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
15:53:12.0393 8564 Dot4Print - ok
15:53:12.0434 8564 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:53:12.0490 8564 dot4usb - ok
15:53:12.0529 8564 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:53:12.0612 8564 DPS - ok
15:53:12.0675 8564 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:53:12.0729 8564 drmkaud - ok
15:53:12.0796 8564 DsiWMIService (55f6f3e0df82e0113082852347bf2c16) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:53:12.0821 8564 DsiWMIService - ok
15:53:12.0935 8564 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:53:13.0008 8564 DXGKrnl - ok
15:53:13.0097 8564 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:53:13.0193 8564 EapHost - ok
15:53:13.0315 8564 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:53:13.0477 8564 ebdrv - ok
15:53:13.0578 8564 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:53:13.0636 8564 EFS - ok
15:53:13.0765 8564 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:53:13.0864 8564 ehRecvr - ok
15:53:13.0899 8564 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:53:13.0944 8564 ehSched - ok
15:53:14.0049 8564 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:53:14.0091 8564 elxstor - ok
15:53:14.0244 8564 ePowerSvc (49eef52bfb986a2b5d70f4ec12637d7b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:53:14.0300 8564 ePowerSvc - ok
15:53:14.0387 8564 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:53:14.0428 8564 ErrDev - ok
15:53:14.0541 8564 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:53:14.0648 8564 EventSystem - ok
15:53:14.0708 8564 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:53:14.0798 8564 exfat - ok
15:53:14.0899 8564 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:53:14.0998 8564 fastfat - ok
15:53:15.0107 8564 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:53:15.0171 8564 Fax - ok
15:53:15.0212 8564 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:53:15.0272 8564 fdc - ok
15:53:15.0368 8564 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:53:15.0464 8564 fdPHost - ok
15:53:15.0490 8564 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:53:15.0581 8564 FDResPub - ok
15:53:15.0643 8564 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:53:15.0665 8564 FileInfo - ok
15:53:15.0682 8564 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:53:15.0779 8564 Filetrace - ok
15:53:15.0867 8564 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:53:15.0904 8564 FLEXnet Licensing Service - ok
15:53:16.0004 8564 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:53:16.0046 8564 flpydisk - ok
15:53:16.0196 8564 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:53:16.0227 8564 FltMgr - ok
15:53:16.0300 8564 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
15:53:16.0461 8564 FontCache - ok
15:53:16.0556 8564 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:53:16.0573 8564 FontCache3.0.0.0 - ok
15:53:16.0625 8564 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:53:16.0647 8564 FsDepends - ok
15:53:16.0746 8564 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:53:16.0768 8564 Fs_Rec - ok
15:53:16.0911 8564 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:53:16.0945 8564 fvevol - ok
15:53:16.0992 8564 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:53:17.0014 8564 gagp30kx - ok
15:53:17.0118 8564 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:53:17.0136 8564 GEARAspiWDM - ok
15:53:17.0206 8564 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:53:17.0340 8564 gpsvc - ok
15:53:17.0443 8564 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
15:53:17.0513 8564 Greg_Service - ok
15:53:17.0637 8564 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:53:17.0657 8564 gupdate - ok
15:53:17.0670 8564 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:53:17.0689 8564 gupdatem - ok
15:53:17.0767 8564 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:53:17.0826 8564 hcw85cir - ok
15:53:17.0946 8564 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:53:18.0003 8564 HdAudAddService - ok
15:53:18.0033 8564 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:53:18.0084 8564 HDAudBus - ok
15:53:18.0183 8564 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
15:53:18.0202 8564 HECIx64 - ok
15:53:18.0235 8564 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:53:18.0285 8564 HidBatt - ok
15:53:18.0368 8564 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:53:18.0422 8564 HidBth - ok
15:53:18.0543 8564 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:53:18.0601 8564 HidIr - ok
15:53:18.0687 8564 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:53:18.0790 8564 hidserv - ok
15:53:18.0894 8564 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:53:18.0923 8564 HidUsb - ok
15:53:19.0042 8564 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:53:19.0148 8564 hkmsvc - ok
15:53:19.0258 8564 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:53:19.0326 8564 HomeGroupListener - ok
15:53:19.0424 8564 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:53:19.0472 8564 HomeGroupProvider - ok
15:53:19.0697 8564 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:53:19.0721 8564 hpqcxs08 - ok
15:53:19.0745 8564 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:53:19.0764 8564 hpqddsvc - ok
15:53:19.0879 8564 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:53:19.0905 8564 HpSAMD - ok
15:53:19.0971 8564 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:53:20.0101 8564 HTTP - ok
15:53:20.0190 8564 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:53:20.0208 8564 hwpolicy - ok
15:53:20.0320 8564 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:53:20.0350 8564 i8042prt - ok
15:53:20.0398 8564 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
15:53:20.0430 8564 iaStor - ok
15:53:20.0544 8564 IAStorDataMgrSvc (48362e5db5cb2c000c514ee1f3890acd) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:53:20.0560 8564 IAStorDataMgrSvc - ok
15:53:20.0677 8564 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
15:53:20.0713 8564 iaStorV - ok
15:53:20.0813 8564 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:53:20.0876 8564 idsvc - ok
15:53:21.0099 8564 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:53:21.0359 8564 igfx - ok
15:53:21.0466 8564 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:53:21.0488 8564 iirsp - ok
15:53:21.0560 8564 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:53:21.0705 8564 IKEEXT - ok
15:53:21.0812 8564 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
15:53:21.0872 8564 Impcd - ok
15:53:22.0048 8564 IntcAzAudAddService (53019327813ff5ab2964b33b2c61307c) C:\Windows\system32\drivers\RTKVHD64.sys
15:53:22.0171 8564 IntcAzAudAddService - ok
15:53:22.0279 8564 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:53:22.0300 8564 intelide - ok
15:53:22.0359 8564 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:53:22.0403 8564 intelppm - ok
15:53:22.0505 8564 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:53:22.0595 8564 IPBusEnum - ok
15:53:22.0656 8564 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:53:22.0748 8564 IpFilterDriver - ok
15:53:22.0876 8564 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:53:22.0988 8564 iphlpsvc - ok
15:53:23.0040 8564 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:53:23.0095 8564 IPMIDRV - ok
15:53:23.0136 8564 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:53:23.0238 8564 IPNAT - ok
15:53:23.0395 8564 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
15:53:23.0472 8564 iPod Service - ok
15:53:23.0578 8564 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:53:23.0639 8564 IRENUM - ok
15:53:23.0707 8564 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:53:23.0727 8564 isapnp - ok
15:53:23.0789 8564 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:53:23.0821 8564 iScsiPrt - ok
15:53:23.0873 8564 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
15:53:23.0902 8564 k57nd60a - ok
15:53:23.0973 8564 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:53:23.0995 8564 kbdclass - ok
15:53:24.0092 8564 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:53:24.0134 8564 kbdhid - ok
15:53:24.0177 8564 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:53:24.0207 8564 KeyIso - ok
15:53:24.0230 8564 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:53:24.0255 8564 KSecDD - ok
15:53:24.0282 8564 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:53:24.0310 8564 KSecPkg - ok
15:53:24.0360 8564 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:53:24.0449 8564 ksthunk - ok
15:53:24.0541 8564 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:53:24.0636 8564 KtmRm - ok
15:53:24.0790 8564 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
15:53:24.0836 8564 L1E - ok
15:53:24.0942 8564 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:53:25.0054 8564 LanmanServer - ok
15:53:25.0107 8564 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:53:25.0208 8564 LanmanWorkstation - ok
15:53:25.0329 8564 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:53:25.0428 8564 lltdio - ok
15:53:25.0514 8564 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:53:25.0623 8564 lltdsvc - ok
15:53:25.0721 8564 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:53:25.0820 8564 lmhosts - ok
15:53:25.0908 8564 LMS (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:53:25.0937 8564 LMS - ok
15:53:26.0087 8564 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:53:26.0110 8564 LSI_FC - ok
15:53:26.0208 8564 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:53:26.0231 8564 LSI_SAS - ok
15:53:26.0270 8564 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:53:26.0293 8564 LSI_SAS2 - ok
15:53:26.0340 8564 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:53:26.0365 8564 LSI_SCSI - ok
15:53:26.0477 8564 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:53:26.0579 8564 luafv - ok
15:53:26.0722 8564 MBAMProtector - ok
15:53:26.0830 8564 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:53:26.0875 8564 MBAMService - ok
15:53:26.0980 8564 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:53:27.0031 8564 Mcx2Svc - ok
15:53:27.0087 8564 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:53:27.0111 8564 megasas - ok
15:53:27.0222 8564 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:53:27.0255 8564 MegaSR - ok
15:53:27.0373 8564 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:53:27.0394 8564 Microsoft Office Groove Audit Service - ok
15:53:27.0496 8564 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:53:27.0599 8564 MMCSS - ok
15:53:27.0670 8564 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:53:27.0768 8564 Modem - ok
15:53:27.0857 8564 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:53:27.0908 8564 monitor - ok
15:53:28.0008 8564 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:53:28.0031 8564 mouclass - ok
15:53:28.0135 8564 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:53:28.0179 8564 mouhid - ok
15:53:28.0284 8564 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:53:28.0310 8564 mountmgr - ok
15:53:28.0359 8564 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:53:28.0386 8564 mpio - ok
15:53:28.0414 8564 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:53:28.0507 8564 mpsdrv - ok
15:53:28.0697 8564 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:53:28.0834 8564 MpsSvc - ok
15:53:28.0957 8564 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:53:29.0008 8564 MRxDAV - ok
15:53:29.0053 8564 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:53:29.0117 8564 mrxsmb - ok
15:53:29.0239 8564 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:53:29.0283 8564 mrxsmb10 - ok
15:53:29.0328 8564 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:53:29.0361 8564 mrxsmb20 - ok
15:53:29.0415 8564 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:53:29.0440 8564 msahci - ok
15:53:29.0490 8564 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:53:29.0517 8564 msdsm - ok
15:53:29.0555 8564 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:53:29.0604 8564 MSDTC - ok
15:53:29.0706 8564 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:53:29.0788 8564 Msfs - ok
15:53:29.0829 8564 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:53:29.0934 8564 mshidkmdf - ok
15:53:29.0978 8564 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:53:29.0998 8564 msisadrv - ok
15:53:30.0062 8564 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:53:30.0153 8564 MSiSCSI - ok
15:53:30.0209 8564 msiserver - ok
15:53:30.0277 8564 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:53:30.0378 8564 MSKSSRV - ok
15:53:30.0498 8564 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:53:30.0603 8564 MSPCLOCK - ok
15:53:30.0618 8564 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:53:30.0701 8564 MSPQM - ok
15:53:30.0747 8564 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:53:30.0779 8564 MsRPC - ok
15:53:30.0827 8564 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:53:30.0848 8564 mssmbios - ok
15:53:30.0885 8564 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:53:30.0975 8564 MSTEE - ok
15:53:30.0999 8564 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:53:31.0047 8564 MTConfig - ok
15:53:31.0138 8564 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:53:31.0160 8564 Mup - ok
15:53:31.0212 8564 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:53:31.0229 8564 mwlPSDFilter - ok
15:53:31.0338 8564 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:53:31.0355 8564 mwlPSDNServ - ok
15:53:31.0374 8564 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:53:31.0391 8564 mwlPSDVDisk - ok
15:53:31.0498 8564 MWLService (22a4905c958beb68d78385b633c1351b) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
15:53:31.0525 8564 MWLService - ok
15:53:31.0608 8564 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:53:31.0721 8564 napagent - ok
15:53:32.0432 8564 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:53:32.0534 8564 NativeWifiP - ok
15:53:32.0664 8564 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:53:32.0809 8564 NDIS - ok
15:53:32.0932 8564 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:33.0101 8564 NdisCap - ok
15:53:33.0495 8564 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:33.0578 8564 NdisTapi - ok
15:53:34.0074 8564 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:34.0183 8564 Ndisuio - ok
15:53:34.0241 8564 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:34.0339 8564 NdisWan - ok
15:53:34.0395 8564 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:53:34.0490 8564 NDProxy - ok
[size="1"]15:53:34.0545 8564 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll[/size]
[size="1"]15:53:34.0571 8564 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning[/size]
[size="1"]15:53:34.0571 8564 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)[/size]
[size="1"]15:53:34.0667 8564 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys[/size]
[size="1"]15:53:34.0771 8564 NetBIOS - ok[/size]
[size="1"]15:53:34.0821 8564 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys[/size]
[size="1"]15:53:34.0921 8564 NetBT - ok[/size]
[size="1"]15:53:34.0967 8564 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe[/size]
[size="1"]15:53:34.0995 8564 Netlogon - ok[/size]
[size="1"]15:53:35.0059 8564 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll[/size]
[size="1"]15:53:35.0174 8564 Netman - ok[/size]
[size="1"]15:53:35.0300 8564 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/size]
[size="1"]15:53:35.0324 8564 NetMsmqActivator - ok[/size]
[size="1"]15:53:35.0331 8564 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/size]
[size="1"]15:53:35.0352 8564 NetPipeActivator - ok[/size]
[size="1"]15:53:35.0414 8564 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll[/size]
[size="1"]15:53:35.0526 8564 netprofm - ok[/size]
[size="1"]15:53:35.0669 8564 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/size]
[size="1"]15:53:35.0686 8564 NetTcpActivator - ok[/size]
[size="1"]15:53:35.0692 8564 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/size]
[size="1"]15:53:35.0712 8564 NetTcpPortSharing - ok[/size]
[size="1"]15:53:35.0775 8564 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys[/size]
[size="1"]15:53:35.0797 8564 nfrd960 - ok[/size]
[size="1"]15:53:35.0857 8564 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll[/size]
[size="1"]15:53:35.0968 8564 NlaSvc - ok[/size]
[size="1"]15:53:36.0059 8564 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys[/size]
[size="1"]15:53:36.0143 8564 Npfs - ok[/size]
[size="1"]15:53:36.0173 8564 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll[/size]
[size="1"]15:53:36.0256 8564 nsi - ok[/size]
[size="1"]15:53:36.0289 8564 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys[/size]
[size="1"]15:53:36.0380 8564 nsiproxy - ok[/size]
[size="1"]15:53:36.0458 8564 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys[/size]
[size="1"]15:53:36.0556 8564 Ntfs - ok[/size]
[size="1"]15:53:36.0648 8564 NTI IScheduleSvc (5b3ce960c62dbe864be9a0bd043a3e30) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[/size]
[size="1"]15:53:36.0677 8564 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning[/size]
[size="1"]15:53:36.0677 8564 NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1)[/size]
[size="1"]15:53:36.0775 8564 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys[/size]
[size="1"]15:53:36.0791 8564 NTIDrvr - ok[/size]
[size="1"]15:53:36.0830 8564 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys[/size]
[size="1"]15:53:36.0931 8564 Null - ok[/size]
[size="1"]15:53:36.0977 8564 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys[/size]
[size="1"]15:53:37.0002 8564 nvraid - ok[/size]
[size="1"]15:53:37.0033 8564 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys[/size]
[size="1"]15:53:37.0061 8564 nvstor - ok[/size]
[size="1"]15:53:37.0117 8564 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys[/size]
[size="1"]15:53:37.0142 8564 nv_agp - ok[/size]
[size="1"]15:53:37.0285 8564 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE[/size]
[size="1"]15:53:37.0319 8564 odserv - ok[/size]
[size="1"]15:53:37.0412 8564 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys[/size]
[size="1"]15:53:37.0459 8564 ohci1394 - ok[/size]
[size="1"]15:53:37.0539 8564 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE[/size]
[size="1"]15:53:37.0572 8564 ose - ok[/size]
[size="1"]15:53:37.0656 8564 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll[/size]
[size="1"]15:53:37.0734 8564 p2pimsvc - ok[/size]
[size="1"]15:53:37.0823 8564 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll[/size]
[size="1"]15:53:37.0887 8564 p2psvc - ok[/size]
[size="1"]15:53:37.0933 8564 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys[/size]
[size="1"]15:53:37.0976 8564 Parport - ok[/size]
[size="1"]15:53:38.0031 8564 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys[/size]
[size="1"]15:53:38.0056 8564 partmgr - ok[/size]
[size="1"]15:53:38.0093 8564 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll[/size]
[size="1"]15:53:38.0153 8564 PcaSvc - ok[/size]
[size="1"]15:53:38.0197 8564 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys[/size]
[size="1"]15:53:38.0241 8564 pccsmcfd - ok[/size]
[size="1"]15:53:38.0282 8564 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys[/size]
[size="1"]15:53:38.0310 8564 pci - ok[/size]
[size="1"]15:53:38.0353 8564 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys[/size]
[size="1"]15:53:38.0376 8564 pciide - ok[/size]
[size="1"]15:53:38.0409 8564 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys[/size]
[size="1"]15:53:38.0439 8564 pcmcia - ok[/size]
[size="1"]15:53:38.0573 8564 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys[/size]
[size="1"]15:53:38.0605 8564 pcouffin - ok[/size]
[size="1"]15:53:38.0684 8564 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys[/size]
[size="1"]15:53:38.0707 8564 pcw - ok[/size]
[size="1"]15:53:38.0743 8564 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys[/size]
[size="1"]15:53:38.0864 8564 PEAUTH - ok[/size]
[size="1"]15:53:38.0953 8564 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe[/size]
[size="1"]15:53:38.0998 8564 PerfHost - ok[/size]
[size="1"]15:53:39.0120 8564 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll[/size]
[size="1"]15:53:39.0274 8564 pla - ok[/size]
[size="1"]15:53:39.0383 8564 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll[/size]
[size="1"]15:53:39.0453 8564 PlugPlay - ok[/size]
[size="1"]15:53:39.0563 8564 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll[/size]
[size="1"]15:53:39.0597 8564 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning[/size]
[size="1"]15:53:39.0597 8564 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)[/size]
[size="1"]15:53:39.0639 8564 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll[/size]
[size="1"]15:53:39.0680 8564 PNRPAutoReg - ok[/size]
[size="1"]15:53:39.0767 8564 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll[/size]
[size="1"]15:53:39.0805 8564 PNRPsvc - ok[/size]
[size="1"]15:53:39.0862 8564 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll[/size]
[size="1"]15:53:39.0952 8564 PolicyAgent - ok[/size]
[size="1"]15:53:40.0000 8564 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll[/size]
[size="1"]15:53:40.0100 8564 Power - ok[/size]
[size="1"]15:53:40.0149 8564 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys[/size]
[size="1"]15:53:40.0243 8564 PptpMiniport - ok[/size]
[size="1"]15:53:40.0280 8564 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys[/size]
[size="1"]15:53:40.0320 8564 Processor - ok[/size]
[size="1"]15:53:40.0433 8564 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll[/size]
[size="1"]15:53:40.0532 8564 ProfSvc - ok[/size]
[size="1"]15:53:40.0577 8564 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe[/size]
[size="1"]15:53:40.0609 8564 ProtectedStorage - ok[/size]
[size="1"]15:53:40.0681 8564 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys[/size]
[size="1"]15:53:40.0773 8564 Psched - ok[/size]
[size="1"]15:53:40.0902 8564 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys[/size]
[size="1"]15:53:40.0919 8564 PSI - ok[/size]
[size="1"]15:53:40.0983 8564 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys[/size]
[size="1"]15:53:41.0082 8564 ql2300 - ok[/size]
[size="1"]15:53:41.0158 8564 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys[/size]
[size="1"]15:53:41.0183 8564 ql40xx - ok[/size]
[size="1"]15:53:41.0221 8564 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll[/size]
[size="1"]15:53:41.0266 8564 QWAVE - ok[/size]
[size="1"]15:53:41.0310 8564 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys[/size]
[size="1"]15:53:41.0367 8564 QWAVEdrv - ok[/size]
[size="1"]15:53:41.0393 8564 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys[/size]
[size="1"]15:53:41.0498 8564 RasAcd - ok[/size]
[size="1"]15:53:41.0540 8564 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys[/size]
[size="1"]15:53:41.0643 8564 RasAgileVpn - ok[/size]
[size="1"]15:53:41.0727 8564 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll[/size]
[size="1"]15:53:41.0829 8564 RasAuto - ok[/size]
[size="1"]15:53:41.0882 8564 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys[/size]
[size="1"]15:53:41.0960 8564 Rasl2tp - ok[/size]
[size="1"]15:53:42.0035 8564 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll[/size]
[size="1"]15:53:42.0162 8564 RasMan - ok[/size]
[size="1"]15:53:42.0257 8564 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys[/size]
[size="1"]15:53:42.0360 8564 RasPppoe - ok[/size]
[size="1"]15:53:42.0459 8564 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys[/size]
[size="1"]15:53:42.0557 8564 RasSstp - ok[/size]
[size="1"]15:53:42.0604 8564 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys[/size]
[size="1"]15:53:42.0704 8564 rdbss - ok[/size]
[size="1"]15:53:42.0740 8564 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys[/size]
[size="1"]15:53:42.0771 8564 rdpbus - ok[/size]
[size="1"]15:53:42.0784 8564 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys[/size]
[size="1"]15:53:42.0876 8564 RDPCDD - ok[/size]
[size="1"]15:53:42.0905 8564 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys[/size]
[size="1"]15:53:42.0994 8564 RDPENCDD - ok[/size]
[size="1"]15:53:43.0028 8564 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys[/size]
[size="1"]15:53:43.0116 8564 RDPREFMP - ok[/size]
[size="1"]15:53:43.0170 8564 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys[/size]
[size="1"]15:53:43.0213 8564 RDPWD - ok[/size]
[size="1"]15:53:43.0261 8564 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys[/size]
[size="1"]15:53:43.0289 8564 rdyboost - ok[/size]
[size="1"]15:53:43.0324 8564 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll[/size]
[size="1"]15:53:43.0433 8564 RemoteAccess - ok[/size]
[size="1"]15:53:43.0488 8564 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll[/size]
[size="1"]15:53:43.0590 8564 RemoteRegistry - ok[/size]
[size="1"]15:53:43.0691 8564 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll[/size]
[size="1"]15:53:43.0790 8564 RpcEptMapper - ok[/size]
[size="1"]15:53:43.0826 8564 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe[/size]
[size="1"]15:53:43.0859 8564 RpcLocator - ok[/size]
[size="1"]15:53:43.0908 8564 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll[/size]
[size="1"]15:53:43.0999 8564 RpcSs - ok[/size]
[size="1"]15:53:44.0071 8564 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys[/size]
[size="1"]15:53:44.0160 8564 rspndr - ok[/size]
[size="1"]15:53:44.0255 8564 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe[/size]
[size="1"]15:53:44.0284 8564 SamSs - ok[/size]
[size="1"]15:53:44.0361 8564 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys[/size]
[size="1"]15:53:44.0386 8564 sbp2port - ok[/size]
[size="1"]15:53:44.0427 8564 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll[/size]
[size="1"]15:53:44.0543 8564 SCardSvr - ok[/size]
[size="1"]15:53:44.0705 8564 SCDEmu (46942b6980b35ffda6afa40a8328938c) C:\Windows\system32\drivers\SCDEmu.sys[/size]
[size="1"]15:53:44.0726 8564 SCDEmu - ok[/size]
[size="1"]15:53:44.0770 8564 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys[/size]
[size="1"]15:53:44.0864 8564 scfilter - ok[/size]
[size="1"]15:53:44.0951 8564 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll[/size]
[size="1"]15:53:45.0102 8564 Schedule - ok[/size]
[size="1"]15:53:45.0199 8564 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll[/size]
[size="1"]15:53:45.0275 8564 SCPolicySvc - ok[/size]
[size="1"]15:53:45.0414 8564 ScsiAccess (958e956e119eb7b9aba142afed1b5ff4) C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe[/size]
[size="1"]15:53:45.0434 8564 ScsiAccess - ok[/size]
[size="1"]15:53:45.0524 8564 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll[/size]
[size="1"]15:53:45.0600 8564 SDRSVC - ok[/size]
[size="1"]15:53:45.0700 8564 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys[/size]
[size="1"]15:53:45.0805 8564 secdrv - ok[/size]
[size="1"]15:53:45.0896 8564 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll[/size]
[size="1"]15:53:45.0997 8564 seclogon - ok[/size]
[size="1"]15:53:46.0133 8564 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\psia.exe[/size]
[size="1"]15:53:46.0200 8564 Secunia PSI Agent - ok[/size]
[size="1"]15:53:46.0250 8564 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe[/size]
[size="1"]15:53:46.0279 8564 Secunia Update Agent - ok[/size]
[size="1"]15:53:46.0377 8564 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll[/size]
[size="1"]15:53:46.0458 8564 SENS - ok[/size]
[size="1"]15:53:46.0553 8564 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll[/size]
[size="1"]15:53:46.0601 8564 SensrSvc - ok[/size]
[size="1"]15:53:46.0688 8564 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys[/size]
[size="1"]15:53:46.0734 8564 Serenum - ok[/size]
[size="1"]15:53:46.0855 8564 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys[/size]
[size="1"]15:53:46.0904 8564 Serial - ok[/size]
[size="1"]15:53:47.0010 8564 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys[/size]
[size="1"]15:53:47.0054 8564 sermouse - ok[/size]
[size="1"]15:53:47.0114 8564 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll[/size]
[size="1"]15:53:47.0217 8564 SessionEnv - ok[/size]
[size="1"]15:53:47.0258 8564 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys[/size]
[size="1"]15:53:47.0305 8564 sffdisk - ok[/size]
[size="1"]15:53:47.0336 8564 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys[/size]
[size="1"]15:53:47.0384 8564 sffp_mmc - ok[/size]
[size="1"]15:53:47.0399 8564 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys[/size]
[size="1"]15:53:47.0435 8564 sffp_sd - ok[/size]
[size="1"]15:53:47.0479 8564 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys[/size]
[size="1"]15:53:47.0526 8564 sfloppy - ok[/size]
[size="1"]15:53:47.0638 8564 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll[/size]
[size="1"]15:53:47.0751 8564 SharedAccess - ok[/size]
[size="1"]15:53:47.0801 8564 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll[/size]
[size="1"]15:53:47.0893 8564 ShellHWDetection - ok[/size]
[size="1"]15:53:47.0948 8564 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys[/size]
[size="1"]15:53:47.0971 8564 SiSRaid2 - ok[/size]
[size="1"]15:53:48.0075 8564 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys[/size]
[size="1"]15:53:48.0099 8564 SiSRaid4 - ok[/size]
[size="1"]15:53:48.0145 8564 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys[/size]
[size="1"]15:53:48.0229 8564 Smb - ok[/size]
[size="1"]15:53:48.0322 8564 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe[/size]
[size="1"]15:53:48.0364 8564 SNMPTRAP - ok[/size]
[size="1"]15:53:48.0407 8564 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys[/size]
[size="1"]15:53:48.0428 8564 spldr - ok[/size]
[size="1"]15:53:48.0472 8564 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe[/size]
[size="1"]15:53:48.0569 8564 Spooler - ok[/size]
[size="1"]15:53:48.0682 8564 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe[/size]
[size="1"]15:53:48.0905 8564 sppsvc - ok[/size]
[size="1"]15:53:49.0064 8564 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll[/size]
[size="1"]15:53:49.0161 8564 sppuinotify - ok[/size]
[size="1"]15:53:49.0298 8564 sptd (aa90a319bb067e0d149b4c95608c4b05) C:\Windows\system32\Drivers\sptd.sys[/size]
[size="1"]15:53:49.0355 8564 sptd - ok[/size]
[size="1"]15:53:49.0422 8564 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys[/size]
[size="1"]15:53:49.0491 8564 srv - ok[/size]
[size="1"]15:53:49.0597 8564 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys[/size]
[size="1"]15:53:49.0649 8564 srv2 - ok[/size]
[size="1"]15:53:49.0697 8564 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys[/size]
[size="1"]15:53:49.0743 8564 srvnet - ok[/size]
[size="1"]15:53:49.0823 8564 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll[/size]
[size="1"]15:53:49.0927 8564 SSDPSRV - ok[/size]
[size="1"]15:53:49.0960 8564 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll[/size]
[size="1"]15:53:50.0063 8564 SstpSvc - ok[/size]
[size="1"]15:53:50.0154 8564 Steam Client Service - ok[/size]
[size="1"]15:53:50.0228 8564 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys[/size]
[size="1"]15:53:50.0249 8564 stexstor - ok[/size]
[size="1"]15:53:50.0306 8564 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll[/size]
[size="1"]15:53:50.0369 8564 stisvc - ok[/size]
[size="1"]15:53:50.0415 8564 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys[/size]
[size="1"]15:53:50.0439 8564 swenum - ok[/size]
[size="1"]15:53:50.0476 8564 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll[/size]
[size="1"]15:53:50.0573 8564 swprv - ok[/size]
[size="1"]15:53:50.0657 8564 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll[/size]
[size="1"]15:53:50.0782 8564 SysMain - ok[/size]
[size="1"]15:53:50.0876 8564 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll[/size]
[size="1"]15:53:50.0940 8564 TabletInputService - ok[/size]
[size="1"]15:53:51.0070 8564 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys[/size]
[size="1"]15:53:51.0090 8564 taphss - ok[/size]
[size="1"]15:53:51.0144 8564 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll[/size]
[size="1"]15:53:51.0239 8564 TapiSrv - ok[/size]
[size="1"]15:53:51.0274 8564 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll[/size]
[size="1"]15:53:51.0379 8564 TBS - ok[/size]
[size="1"]15:53:51.0498 8564 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys[/size]
[size="1"]15:53:51.0598 8564 Tcpip - ok[/size]
[size="1"]15:53:51.0741 8564 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys[/size]
[size="1"]15:53:51.0828 8564 TCPIP6 - ok[/size]
[size="1"]15:53:51.0946 8564 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys[/size]
[size="1"]15:53:52.0031 8564 tcpipreg - ok[/size]
[size="1"]15:53:52.0077 8564 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys[/size]
[size="1"]15:53:52.0122 8564 TDPIPE - ok[/size]
[size="1"]15:53:52.0160 8564 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys[/size]
[size="1"]15:53:52.0188 8564 TDTCP - ok[/size]
[size="1"]15:53:52.0264 8564 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys[/size]
[size="1"]15:53:52.0359 8564 tdx - ok[/size]
[size="1"]15:53:52.0462 8564 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys[/size]
[size="1"]15:53:52.0486 8564 TermDD - ok[/size]
[size="1"]15:53:52.0542 8564 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll[/size]
[size="1"]15:53:52.0662 8564 TermService - ok[/size]
[size="1"]15:53:52.0687 8564 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll[/size]
[size="1"]15:53:52.0747 8564 Themes - ok[/size]
[size="1"]15:53:52.0797 8564 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll[/size]
[size="1"]15:53:52.0874 8564 THREADORDER - ok[/size]
[size="1"]15:53:52.0911 8564 ToolkitDisk (5c248e03921137e131ac5f1459fd42c9) C:\Windows\system32\Drivers\toolkitdisk.sys[/size]
[size="1"]15:53:52.0930 8564 ToolkitDisk - ok[/size]
[size="1"]15:53:53.0062 8564 ToolkitSvc (656db27c5b900edba35dedec38bf7d03) C:\Program Files (x86)\ToolKitService\ToolkitService.exe[/size]
[size="1"]15:53:53.0098 8564 ToolkitSvc - ok[/size]
[size="1"]15:53:53.0211 8564 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll[/size]
[size="1"]15:53:53.0302 8564 TrkWks - ok[/size]
[size="1"]15:53:53.0360 8564 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe[/size]
[size="1"]15:53:53.0443 8564 TrustedInstaller - ok[/size]
[size="1"]15:53:53.0505 8564 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys[/size]
[size="1"]15:53:53.0584 8564 tssecsrv - ok[/size]
[size="1"]15:53:53.0640 8564 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys[/size]
[size="1"]15:53:53.0700 8564 TsUsbFlt - ok[/size]
[size="1"]15:53:53.0825 8564 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys[/size]
[size="1"]15:53:53.0921 8564 tunnel - ok[/size]
[size="1"]15:53:54.0019 8564 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys[/size]
[size="1"]15:53:54.0040 8564 TurboB - ok[/size]
[size="1"]15:53:54.0133 8564 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe[/size]
[size="1"]15:53:54.0153 8564 TurboBoost - ok[/size]
[size="1"]15:53:54.0232 8564 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys[/size]
[size="1"]15:53:54.0255 8564 uagp35 - ok[/size]
[size="1"]15:53:54.0305 8564 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys[/size]
[size="1"]15:53:54.0324 8564 UBHelper - ok[/size]
[size="1"]15:53:54.0374 8564 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys[/size]
[size="1"]15:53:54.0479 8564 udfs - ok[/size]
[size="1"]15:53:54.0580 8564 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe[/size]
[size="1"]15:53:54.0629 8564 UI0Detect - ok[/size]
[size="1"]15:53:54.0687 8564 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys[/size]
[size="1"]15:53:54.0708 8564 uliagpkx - ok[/size]
[size="1"]15:53:54.0751 8564 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys[/size]
[size="1"]15:53:54.0798 8564 umbus - ok[/size]
[size="1"]15:53:54.0838 8564 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys[/size]
[size="1"]15:53:54.0883 8564 UmPass - ok[/size]
[size="1"]15:53:55.0049 8564 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe[/size]
[size="1"]15:53:55.0184 8564 UNS - ok[/size]
[size="1"]15:53:55.0275 8564 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Acer\Acer Updater\UpdaterService.exe[/size]
[size="1"]15:53:55.0300 8564 Updater Service - ok[/size]
[size="1"]15:53:55.0382 8564 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll[/size]
[size="1"]15:53:55.0469 8564 upnphost - ok[/size]
[size="1"]15:53:55.0555 8564 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys[/size]
[size="1"]15:53:55.0607 8564 USBAAPL64 - ok[/size]
[size="1"]15:53:55.0704 8564 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys[/size]
[size="1"]15:53:55.0743 8564 usbccgp - ok[/size]
[size="1"]15:53:55.0848 8564 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys[/size]
[size="1"]15:53:55.0885 8564 usbcir - ok[/size]
[size="1"]15:53:55.0910 8564 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys[/size]
[size="1"]15:53:55.0960 8564 usbehci - ok[/size]
[size="1"]15:53:56.0094 8564 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys[/size]
[size="1"]15:53:56.0154 8564 usbhub - ok[/size]
[size="1"]15:53:56.0205 8564 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys[/size]
[size="1"]15:53:56.0237 8564 usbohci - ok[/size]
[size="1"]15:53:56.0340 8564 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys[/size]
[size="1"]15:53:56.0393 8564 usbprint - ok[/size]
[size="1"]15:53:56.0494 8564 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys[/size]
[size="1"]15:53:56.0543 8564 usbscan - ok[/size]
[size="1"]15:53:56.0675 8564 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS[/size]
[size="1"]15:53:56.0708 8564 USBSTOR - ok[/size]
[size="1"]15:53:56.0763 8564 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys[/size]
[size="1"]15:53:56.0811 8564 usbuhci - ok[/size]
[size="1"]15:53:56.0931 8564 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys[/size]
[size="1"]15:53:56.0980 8564 usbvideo - ok[/size]
[size="1"]15:53:57.0016 8564 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll[/size]
[size="1"]15:53:57.0115 8564 UxSms - ok[/size]
[size="1"]15:53:57.0167 8564 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe[/size]
[size="1"]15:53:57.0193 8564 VaultSvc - ok[/size]
[size="1"]15:53:57.0251 8564 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys[/size]
[size="1"]15:53:57.0272 8564 vdrvroot - ok[/size]
[size="1"]15:53:57.0323 8564 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe[/size]
[size="1"]15:53:57.0459 8564 vds - ok[/size]
[size="1"]15:53:57.0571 8564 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys[/size]
[size="1"]15:53:57.0607 8564 vga - ok[/size]
[size="1"]15:53:57.0636 8564 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys[/size]
[size="1"]15:53:57.0734 8564 VgaSave - ok[/size]
[size="1"]15:53:57.0786 8564 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys[/size]
[size="1"]15:53:57.0815 8564 vhdmp - ok[/size]
[size="1"]15:53:57.0865 8564 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys[/size]
[size="1"]15:53:57.0886 8564 viaide - ok[/size]
[size="1"]15:53:57.0939 8564 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys[/size]
[size="1"]15:53:57.0963 8564 volmgr - ok[/size]
[size="1"]15:53:58.0011 8564 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys[/size]
[size="1"]15:53:58.0047 8564 volmgrx - ok[/size]
[size="1"]15:53:58.0101 8564 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys[/size]
[size="1"]15:53:58.0134 8564 volsnap - ok[/size]
[size="1"]15:53:58.0190 8564 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys[/size]
[size="1"]15:53:58.0216 8564 vsmraid - ok[/size]
[size="1"]15:53:58.0297 8564 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe[/size]
[size="1"]15:53:58.0476 8564 VSS - ok[/size]
[size="1"]15:53:58.0571 8564 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys[/size]
[size="1"]15:53:58.0603 8564 vwifibus - ok[/size]
[size="1"]15:53:58.0618 8564 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys[/size]
[size="1"]15:53:58.0678 8564 vwififlt - ok[/size]
[size="1"]15:53:58.0770 8564 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys[/size]
[size="1"]15:53:58.0826 8564 vwifimp - ok[/size]
[size="1"]15:53:58.0867 8564 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll[/size]
[size="1"]15:53:58.0964 8564 W32Time - ok[/size]
[size="1"]15:53:59.0009 8564 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys[/size]
[size="1"]15:53:59.0051 8564 WacomPen - ok[/size]
[size="1"]15:53:59.0153 8564 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys[/size]
[size="1"]15:53:59.0234 8564 WANARP - ok[/size]
[size="1"]15:53:59.0240 8564 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys[/size]
[size="1"]15:53:59.0321 8564 Wanarpv6 - ok[/size]
[size="1"]15:53:59.0460 8564 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe[/size]
[size="1"]15:53:59.0538 8564 WatAdminSvc - ok[/size]
[size="1"]15:53:59.0680 8564 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe[/size]
[size="1"]15:53:59.0810 8564 wbengine - ok[/size]
[size="1"]15:53:59.0890 8564 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll[/size]
[size="1"]15:53:59.0953 8564 WbioSrvc - ok[/size]
[size="1"]15:53:59.0998 8564 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll[/size]
[size="1"]15:54:00.0105 8564 wcncsvc - ok[/size]
[size="1"]15:54:00.0171 8564 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll[/size]
[size="1"]15:54:00.0247 8564 WcsPlugInService - ok[/size]
[size="1"]15:54:00.0358 8564 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys[/size]
[size="1"]15:54:00.0380 8564 Wd - ok[/size]
[size="1"]15:54:00.0421 8564 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys[/size]
[size="1"]15:54:00.0474 8564 Wdf01000 - ok[/size]
[size="1"]15:54:00.0505 8564 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll[/size]
[size="1"]15:54:00.0631 8564 WdiServiceHost - ok[/size]
[size="1"]15:54:00.0637 8564 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll[/size]
[size="1"]15:54:00.0690 8564 WdiSystemHost - ok[/size]
[size="1"]15:54:00.0772 8564 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll[/size]
[size="1"]15:54:00.0845 8564 WebClient - ok[/size]
[size="1"]15:54:00.0895 8564 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll[/size]
[size="1"]15:54:01.0015 8564 Wecsvc - ok[/size]
[size="1"]15:54:01.0117 8564 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll[/size]
[size="1"]15:54:01.0237 8564 wercplsupport - ok[/size]
[size="1"]15:54:01.0282 8564 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll[/size]
[size="1"]15:54:01.0383 8564 WerSvc - ok[/size]
[size="1"]15:54:01.0442 8564 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys[/size]
[size="1"]15:54:01.0530 8564 WfpLwf - ok[/size]
[size="1"]15:54:01.0553 8564 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys[/size]
[size="1"]15:54:01.0575 8564 WIMMount - ok[/size]
[size="1"]15:54:01.0607 8564 WinDefend - ok[/size]
[size="1"]15:54:01.0625 8564 WinHttpAutoProxySvc - ok[/size]
[size="1"]15:54:01.0728 8564 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll[/size]
[size="1"]15:54:01.0840 8564 Winmgmt - ok[/size]
[size="1"]15:54:01.0980 8564 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll[/size]
[size="1"]15:54:02.0180 8564 WinRM - ok[/size]
[size="1"]15:54:02.0324 8564 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys[/size]
[size="1"]15:54:02.0364 8564 WinUsb - ok[/size]
[size="1"]15:54:02.0419 8564 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll[/size]
[size="1"]15:54:02.0531 8564 Wlansvc - ok[/size]
[size="1"]15:54:02.0664 8564 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys[/size]
[size="1"]15:54:02.0710 8564 WmiAcpi - ok[/size]
[size="1"]15:54:02.0785 8564 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe[/size]
[size="1"]15:54:02.0823 8564 wmiApSrv - ok[/size]
[size="1"]15:54:02.0876 8564 WMPNetworkSvc - ok[/size]
[size="1"]15:54:02.0946 8564 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll[/size]
[size="1"]15:54:02.0987 8564 WPCSvc - ok[/size]
[size="1"]15:54:03.0063 8564 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll[/size]
[size="1"]15:54:03.0125 8564 WPDBusEnum - ok[/size]
[size="1"]15:54:03.0160 8564 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys[/size]
[size="1"]15:54:03.0265 8564 ws2ifsl - ok[/size]
[size="1"]15:54:03.0309 8564 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll[/size]
[size="1"]15:54:03.0357 8564 wscsvc - ok[/size]
[size="1"]15:54:03.0368 8564 WSearch - ok[/size]
[size="1"]15:54:03.0474 8564 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll[/size]
[size="1"]15:54:03.0707 8564 wuauserv - ok[/size]
[size="1"]15:54:03.0812 8564 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys[/size]
[size="1"]15:54:03.0910 8564 WudfPf - ok[/size]
[size="1"]15:54:04.0040 8564 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys[/size]
[size="1"]15:54:04.0129 8564 WUDFRd - ok[/size]
[size="1"]15:54:04.0166 8564 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll[/size]
[size="1"]15:54:04.0260 8564 wudfsvc - ok[/size]
[size="1"]15:54:04.0304 8564 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll[/size]
[size="1"]15:54:04.0359 8564 WwanSvc - ok[/size]
[size="1"]15:54:04.0425 8564 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0[/size]
[size="1"]15:54:04.0641 8564 \Device\Harddisk0\DR0 - ok[/size]
[size="1"]15:54:04.0646 8564 Boot (0x1200) (bbb847b04b388c514fd80d0f0ab866df) \Device\Harddisk0\DR0\Partition0[/size]
[size="1"]15:54:04.0649 8564 \Device\Harddisk0\DR0\Partition0 - ok[/size]
[size="1"]15:54:04.0682 8564 Boot (0x1200) (c396a0cd6f4d60337d67c32cf4b3308a) \Device\Harddisk0\DR0\Partition1[/size]
[size="1"]15:54:04.0684 8564 \Device\Harddisk0\DR0\Partition1 - ok[/size]
[size="1"]15:54:04.0685 8564 ============================================================[/size]
[size="1"]15:54:04.0685 8564 Scan finished[/size]
[size="1"]15:54:04.0685 8564 ============================================================[/size]
[size="1"]15:54:04.0705 8604 Detected object count: 3[/size]
[size="1"]15:54:04.0705 8604 Actual detected object count: 3[/size]
[size="1"]15:54:28.0175 8604 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user[/size]
[size="1"]15:54:28.0175 8604 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip [/size]
[size="1"]15:54:28.0177 8604 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - skipped by user[/size]
[size="1"]15:54:28.0177 8604 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip [/size]
[size="1"]15:54:28.0179 8604 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user[/size]
[size="1"]15:54:28.0179 8604 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip [/size]

#7 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 17,441 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 05 April 2012 - 03:01 PM

Please make sure your Avast is up-to-date and perform a full system scan. Let me know.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

#8 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 05 April 2012 - 05:09 PM

Sorry for taking so long, the scan took a while and thanks for responding so quickly. Avast found a threat "MBR:Alureon-K [Rtk]". The default is "move to chest" just wondering what I should do exactly. My avast is up to date.

Google hasn't redirected and Avast hasn't given me the mal:url warnings since the TDSS scan.

Thanks for the help.

#9 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 17,441 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 06 April 2012 - 06:53 AM

Quote

Avast found a threat "MBR:Alureon-K [Rtk]". The default is "move to chest" just wondering what I should do exactly.

It is not the bad choice, because that was from TDSSKiller backup, so is not a dangerous item.

Please manually delete DDS and TDSSKiller.

Some malware preventions:
http://forums.malwar...=0


Safe surfing! :)
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

#10 tarumbl

tarumbl

    New Member

  • Members
  • Pip
  • 6 posts

Posted 06 April 2012 - 12:35 PM

Thanks a lot! I just deleted DDS and TDSSKiller, thanks for the link =)

#11 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 17,441 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 06 April 2012 - 03:11 PM

You're welcome! :)
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here Posted Image

#12 Maurice Naggar

Maurice Naggar

    Eradicator de logiciels malveillants

  • Moderators
  • PipPipPipPipPipPip
  • 13,598 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 06 April 2012 - 04:33 PM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Consumer Support Specialist

Posted Image

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.
Back to Resolved HijackThis Logs


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Malware Removal Support
  3. Malware Removal Help
  4. Resolved HijackThis Logs
  5. Privacy Policy
  6. Terms of Use ·